Deflating the Big Bang: Fast and Scalable Deep Packet Inspection with Extended Finite Automata Date:101/3/21 Publisher:SIGCOMM 08 Author:Randy Smith Cristian.

Slides:



Advertisements
Similar presentations
Deep packet inspection – an algorithmic view Cristian Estan (U of Wisconsin-Madison) at IEEE CCW 2008.
Advertisements

Unambiguous automata inference by means of states-merging methods François Coste, Daniel Fredouille
1 CS 201 Compiler Construction Lecture 3 Data Flow Analysis.
Complexity and Computability Theory I Lecture #4 Rina Zviel-Girshin Leah Epstein Winter
Nondeterministic Finite Automata CS 130: Theory of Computation HMU textbook, Chapter 2 (Sec 2.3 & 2.5)
1 1 CDT314 FABER Formal Languages, Automata and Models of Computation Lecture 3 School of Innovation, Design and Engineering Mälardalen University 2012.
Compiler Construction
XFA : Faster Signature Matching With Extended Automata Author: Randy Smith, Cristian Estan and Somesh Jha Publisher: IEEE Symposium on Security and Privacy.
Introduction to Computability Theory
Finite Automata Great Theoretical Ideas In Computer Science Anupam Gupta Danny Sleator CS Fall 2010 Lecture 20Oct 28, 2010Carnegie Mellon University.
1 Introduction to Computability Theory Lecture2: Non Deterministic Finite Automata Prof. Amos Israeli.
Nonregular languages Sipser 1.4 (pages 77-82). CS 311 Mount Holyoke College 2 Nonregular languages? We now know: –Regular languages may be specified either.
Introduction to Computability Theory
1 Introduction to Computability Theory Lecture7: PushDown Automata (Part 1) Prof. Amos Israeli.
Introduction to Computability Theory
1 Introduction to Computability Theory Discussion1: Non-Deterministic Finite Automatons Prof. Amos Israeli.
Nonregular languages Sipser 1.4 (pages 77-82). CS 311 Fall Nonregular languages? We now know: –Regular languages may be specified either by regular.
Lecture 3UofH - COSC Dr. Verma 1 COSC 3340: Introduction to Theory of Computation University of Houston Dr. Verma Lecture 3.
Finite Automata and Non Determinism
Courtesy Costas Busch - RPI1 Non Deterministic Automata.
1 Introduction to Computability Theory Lecture2: Non Deterministic Finite Automata (cont.) Prof. Amos Israeli.
Lecture 3 Goals: Formal definition of NFA, acceptance of a string by an NFA, computation tree associated with a string. Algorithm to convert an NFA to.
CSC 3130: Automata theory and formal languages Andrej Bogdanov The Chinese University of Hong Kong Nondeterminism.
Lecture 3 Goals: Formal definition of NFA, acceptance of a string by an NFA, computation tree associated with a string. Algorithm to convert an NFA to.
Fall 2006Costas Busch - RPI1 Non-Deterministic Finite Automata.
CS5371 Theory of Computation Lecture 4: Automata Theory II (DFA = NFA, Regular Language)
1 Non-Deterministic Automata Regular Expressions.
Introduction to Finite Automata Adapted from the slides of Stanford CS154.
1.Defs. a)Finite Automaton: A Finite Automaton ( FA ) has finite set of ‘states’ ( Q={q 0, q 1, q 2, ….. ) and its ‘control’ moves from state to state.
Costas Busch - LSU1 Non-Deterministic Finite Automata.
1 Non-Deterministic Finite Automata. 2 Alphabet = Nondeterministic Finite Automaton (NFA)
Nondeterminism (Deterministic) FA required for every state q and every symbol  of the alphabet to have exactly one arrow out of q labeled . What happens.
Improving Signature Matching using Binary Decision Diagrams Liu Yang, Rezwana Karim, Vinod Ganapathy Rutgers University Randy Smith Sandia National Labs.
Nondeterministic Finite Automata CS 130: Theory of Computation HMU textbook, Chapter 2 (Sec 2.3 & 2.5)
1Computer Sciences Department. Book: INTRODUCTION TO THE THEORY OF COMPUTATION, SECOND EDITION, by: MICHAEL SIPSER Reference 3Computer Sciences Department.
REGULAR LANGUAGES.
Theory of Languages and Automata
Theory of Computation, Feodor F. Dragan, Kent State University 1 Regular expressions: definition An algebraic equivalent to finite automata. We can build.
By: Er. Sukhwinder kaur.  What is Automata Theory? What is Automata Theory?  Alphabet and Strings Alphabet and Strings  Empty String Empty String 
An Improved Algorithm to Accelerate Regular Expression Evaluation Author: Michela Becchi, Patrick Crowley Publisher: 3rd ACM/IEEE Symposium on Architecture.
Lexical Analysis Constructing a Scanner from Regular Expressions.
CS412/413 Introduction to Compilers Radu Rugina Lecture 4: Lexical Analyzers 28 Jan 02.
1 Languages and Compilers (SProg og Oversættere) Lexical analysis.
1 CD5560 FABER Formal Languages, Automata and Models of Computation Lecture 3 Mälardalen University 2010.
CHAPTER 1 Regular Languages
INFAnt: NFA Pattern Matching on GPGPU Devices Author: Niccolo’ Cascarano, Pierluigi Rolando, Fulvio Risso, Riccardo Sisto Publisher: ACM SIGCOMM 2010 Presenter:
CMSC 330: Organization of Programming Languages Finite Automata NFAs  DFAs.
Extending Finite Automata to Efficiently Match Perl-Compatible Regular Expressions Publisher : Conference on emerging Networking EXperiments and Technologies.
TCAM –BASED REGULAR EXPRESSION MATCHING SOLUTION IN NETWORK Phase-I Review Supervised By, Presented By, MRS. SHARMILA,M.E., M.ARULMOZHI, AP/CSE.
Deterministic Finite Automata CS 130: Theory of Computation HMU textbook, Chapter 2 (Sec 2.2)
Chapter 3 Regular Expressions, Nondeterminism, and Kleene’s Theorem Copyright © 2011 The McGraw-Hill Companies, Inc. Permission required for reproduction.
Author : Randy Smith & Cristian Estan & Somesh Jha Publisher : IEEE Symposium on Security & privacy,2008 Presenter : Wen-Tse Liang Date : 2010/10/27.
The decidability of Presburger Arithmetic By Guillermo Guillen 04/13/05 Dr. Smith COT 6421 FIU Spring 2005.
Fast and Memory-Efficient Regular Expression Matching for Deep Packet Inspection Publisher : ANCS’ 06 Author : Fang Yu, Zhifeng Chen, Yanlei Diao, T.V.
Nondeterministic Finite Automata (NFAs). Reminder: Deterministic Finite Automata (DFA) q For every state q in Q and every character  in , one and only.
Algorithms for hard problems Automata and tree automata Juris Viksna, 2015.
Chapter 5 Finite Automata Finite State Automata n Capable of recognizing numerous symbol patterns, the class of regular languages n Suitable for.
CS 404Ahmed Ezzat 1 CS 404 Introduction to Compiler Design Lecture 1 Ahmed Ezzat.
Advanced Algorithms for Fast and Scalable Deep Packet Inspection Author : Sailesh Kumar 、 Jonathan Turner 、 John Williams Publisher : ANCS’06 Presenter.
LECTURE 5 Scanning. SYNTAX ANALYSIS We know from our previous lectures that the process of verifying the syntax of the program is performed in two stages:
Gnort: High Performance Network Intrusion Detection Using Graphics Processors Date:101/2/15 Publisher:ICS Author:Giorgos Vasiliadis, Spiros Antonatos,
1 Section 11.2 Finite Automata Can a machine(i.e., algorithm) recognize a regular language? Yes! Deterministic Finite Automata A deterministic finite automaton.
1 Finite Automata. 2 Introductory Example An automaton that accepts all legal Pascal identifiers: Letter Digit Letter or Digit "yes" "no" 2.
Lecture 2 Compiler Design Lexical Analysis By lecturer Noor Dhia
1 Chapter 2 Finite Automata (part a) Hokkaido, Japan.
Recap: Nondeterministic Finite Automaton (NFA) A deterministic finite automaton (NFA) is a 5-tuple (Q, , ,s,F) where: Q is a finite set of elements called.
Chapter 2 FINITE AUTOMATA.
Speculative Parallel Pattern Matching
Finite Automata.
Chapter 1 Regular Language
Presentation transcript:

Deflating the Big Bang: Fast and Scalable Deep Packet Inspection with Extended Finite Automata Date:101/3/21 Publisher:SIGCOMM 08 Author:Randy Smith Cristian Estan Somesh Jha Shijin KongIoannidis Presenter : Shi-qu Yu

Introduction Regular expressions are typically implemented as either deterministic finite automata (DFAs) or nondeterministic finite automata (NFAs). Like strings, DFAs are fast and can be readily combined. However, for many common signatures their combination exhibits an explosion in the state space

UNDERSTANDING STATE EXPLOSION

Eliminating Ambiguity Through Auxiliary Variables Theorem 1. Let D1 and D2 be DFAs with D1+D2 their standard product combination. If D1 and D2 are unambiguous, then |D1 + D2| < |D1| + |D2|, where |D| is the number of states in D. Theorem 2. If D1 and D2 are unambiguous, then D1 + D2 is unambiguous.

XFA XFA Construction[31] Combining XFAs Matching to Input

OPTIMIZATION Exposing Runtime Information Combining Independent Variables Code Motion and Instruction Merging

Combining Independent Variables Dataflow Analysis Compatibility Analysis

Dataflow Analysis Definition 2. Let Q be the set of states containing a set operation for counter C. Then, C is active at state S if there is at least one sequence of input symbols forming a path of states from a state in Q to S in which no state in the path contains a reset operation for C. Otherwise C is inactive.

Compatibility Analysis Two counters can be reduced to one if they are compatible at all states in the automaton

Combining Independent Variables

Dataflow Analysis A stream is a sequence of operations that execute in order. While the stream is executing, the CPU is able to collect the next batch of packets.

EXPERIMENTAL EVALUATION Data Set:XFAs on FTP, SMTP, and HTTP signatures from Snort [28] and Cisco Systems. CPU:3.0 GHz Pentium 4

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.