Abstract

Network Intrusion Detection Systems (NIDS) make extensive use of regular expressions (regexes) as attack signatures. Such expressions can be handled in hardware using a bit-parallel (BP) architecture based on the Glushkov non-deterministic finite automata (NFA). However, many expressions contain constrained {min, max} repetitions which first need to be unrolled so that they can be handled by the standard BP system. Such unrolling often leads to an excessive memory requirement which makes handling of such regexes unfeasible. This study presents a solution, based on the standard BP architecture, which incorporates a counting mechanism that renders unrolling unnecessary. As a result, many regexes, which were previously unsuitable for the standard BP system, can now be efficiently handled. Unlike many other approaches, this architecture is dynamically reconfigurable thanks to its memory, rather than logic, based engine. This is important as NIDS rule sets are regularly updated. It can also handle repetition of both single and multi-symbol sub-expressions.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A survey on Finite Automata based pattern matching techniques for network Intrusion Detection System (NIDS)
Prashantkumar M Rathod ... Nilesh Marathe
-
Prashantkumar M Rathod, et. al.Prashantkumar M Rathod ... Nilesh Marathe
01 Oct 2014
Hybrid Regular Expression Matching for Deep Packet Inspection on Multi-Core Architecture
Yan Sun ... Min Sik Kim
-
Yan Sun, et. al.Yan Sun ... Min Sik Kim
01 Aug 2010
TCP/IP Reassembly in Network Intrusion Detection and Prevention Systems
Xiaojun Wang ... Brendan Cronin
International Journal of Information Security and Privacy | VOL. 8
Xiaojun Wang, et. al.Xiaojun Wang ... Brendan Cronin
01 Jul 2014
TriBiCa: Trie Bitmap Content Analyzer for High-Speed Network Intrusion Detection
N S Artan ... H J Chao
-
N S Artan, et. al.N S Artan ... H J Chao
01 Jan 2007
View more papers

More From: IET Information Security

Paper Title
Journal
Date
Author
Optimal Joint Defense and Monitoring for Networks Security under Uncertainty: A POMDP-Based Approach
Armita Kazeminajafabadi ... Mahdi Imani
IET Information Security | VOL. 2024
Armita Kazeminajafabadi, et. al.Armita Kazeminajafabadi ... Mahdi Imani
27 May 2024
Automated Differential-Linear Cryptanalysis for AND-RX Ciphers
Wenya Li ... Kai Zhang
IET Information Security | VOL. 2024
Wenya Li, et. al.Wenya Li ... Kai Zhang
21 May 2024
Unveiling the Neutral Difference and Its Automated Search
Guangqiu Lv ... Chenhui Jin
IET Information Security | VOL. 2024
Guangqiu Lv, et. al.Guangqiu Lv ... Chenhui Jin
14 May 2024
Boosting the Transferability of Ensemble Adversarial Attack via Stochastic Average Variance Descent
Lei Zhao ... Bin Pu
IET Information Security | VOL. 2024
Lei Zhao, et. al.Lei Zhao ... Bin Pu
11 May 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.