Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Regular expression matching with input compression : a hardware design for use within network intrusion detection systems Department of Computer Science.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Regular expression matching with input compression : a hardware design for use within network intrusion detection systems Department of Computer Science."— Presentation transcript:

1 1 Regular expression matching with input compression : a hardware design for use within network intrusion detection systems Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C. Authors: Gerald Tripp Publisher: Journal in Computer Virology, 19 March 2007 Present: Yu-Tso Chen Date: November, 22, 2007

2 2 Outline 1. Introduction 2. Definitions and problem description 3. Matching of Individual Patterns 4. Selective Grouping of Multiple Patterns 5. Evaluation Result 6. Conclusion

3 3 Introduction Build a table based automata implement- ation but to use a form of input compression The table based approach allow the system to be dynamically updated at run time The input compression helps to make significant reductions in the automata memory requirements.

4 4 Outline 1. Introduction 2. Definitions and problem description 3. Matching of Individual Patterns 4. Selective Grouping of Multiple Patterns 5. Evaluation Result 6. Conclusion

5 5 Definitions and problem description Simple table based implementations can require quite a lot of memory resources REs themselves that often create automata with more node (and edges) Tables required for implementing automata can have a high level of redundancy

6 6 Definitions and problem description (cont.) For a Mealy machine, the amount of memory M in bits for a DFA with s states, i input bits and o output bits

7 7 Outline 1. Introduction 2. Definitions and problem description 3. Regular expression implementation 4. Input compression 5. Evaluation Result

8 8 Packed array DFA implementation

9 9 Packed transition tables

10 10 Packed transition tables

11 11 Outline 1. Introduction 2. Definitions and problem description 3. Regular expression implementation 4. Input compression 5. Evaluation Result

12 12 Input compression E sn as the set of characters enabling the edge or edges between current state s and next state n Complete set of edge sets P a P a gives us the sets of characters that we are interested in for all DFA edges. These sets may however have overlaps

13 13 Input compression P d is a set of disjoint sets of input characters

14 14 Example

15 15 Example (cont.)

16 16 Outline 1. Introduction 2. Definitions and problem description 3. Regular expression implementation 4. Input compression 5. Evaluation Result

17 17 Evaluation Result

Download ppt "1 Regular expression matching with input compression : a hardware design for use within network intrusion detection systems Department of Computer Science."

Similar presentations

Deep Packet Inspection with DFA-trees and Parametrized Language Overapproximation Author: Daniel Luchaup, Lorenzo De Carli, Somesh Jha, Eric Bach Publisher:

Deep Packet Inspection with DFA-trees and Parametrized Language Overapproximation Author: Daniel Luchaup, Lorenzo De Carli, Somesh Jha, Eric Bach Publisher:
Optimizing Regular Expression Matching with SR-NFA on Multi-Core Systems Authors : Yang, Y.E., Prasanna, V.K. Yang, Y.E. Prasanna, V.K. Publisher : Parallel.

Optimizing Regular Expression Matching with SR-NFA on Multi-Core Systems Authors : Yang, Y.E., Prasanna, V.K. Yang, Y.E. Prasanna, V.K. Publisher : Parallel.
An Efficient Regular Expressions Compression Algorithm From A New Perspective Authors : Tingwen Liu,Yifu Yang,Yanbing Liu,Yong Sun,Li Guo Tingwen LiuYifu.

An Efficient Regular Expressions Compression Algorithm From A New Perspective Authors : Tingwen Liu,Yifu Yang,Yanbing Liu,Yong Sun,Li Guo Tingwen LiuYifu.
1 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs Department of Computer Science and Information Engineering National.

1 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs Department of Computer Science and Information Engineering National.
A Memory-Efficient Reconfigurable Aho-Corasick FSM Implementation for Intrusion Detection Systems Authors: Seongwook Youn and Dennis McLeod Presenter:

A Memory-Efficient Reconfigurable Aho-Corasick FSM Implementation for Intrusion Detection Systems Authors: Seongwook Youn and Dennis McLeod Presenter:
Pipelined Parallel AC-based Approach for Multi-String Matching Department of Computer Science and Information Engineering National Cheng Kung University,

Pipelined Parallel AC-based Approach for Multi-String Matching Department of Computer Science and Information Engineering National Cheng Kung University,
An Efficient IP Address Lookup Algorithm Using a Priority Trie Authors: Hyesook Lim and Ju Hyoung Mun Presenter: Yi-Sheng, Lin ( 林意勝 ) Date: Mar. 11, 2008.

An Efficient IP Address Lookup Algorithm Using a Priority Trie Authors: Hyesook Lim and Ju Hyoung Mun Presenter: Yi-Sheng, Lin ( 林意勝 ) Date: Mar. 11, 2008.
1 Hybrid cache architecture for high-speed packet processing Department of Computer Science and Information Engineering National Cheng Kung University,

1 Hybrid cache architecture for high-speed packet processing Department of Computer Science and Information Engineering National Cheng Kung University,
1 An adaptable FPGA-based System for Regular Expression Matching Department of Computer Science and Information Engineering National Cheng Kung University,

1 An adaptable FPGA-based System for Regular Expression Matching Department of Computer Science and Information Engineering National Cheng Kung University,
Design of High Performance Pattern Matching Engine Through Compact Deterministic Finite Automata Department of Computer Science and Information Engineering.

Design of High Performance Pattern Matching Engine Through Compact Deterministic Finite Automata Department of Computer Science and Information Engineering.
1 ReCPU:a Parallel and Pipelined Architecture for Regular Expression Matching Department of Computer Science and Information Engineering National Cheng.

1 ReCPU:a Parallel and Pipelined Architecture for Regular Expression Matching Department of Computer Science and Information Engineering National Cheng.
Scalable IPv6 Lookup/Update Design for High-Throughput Routers Authors: Chung-Ho Chen, Chao-Hsien Hsu, Chen -Chieh Wang Presenter: Yi-Sheng, Lin ( 林意勝.

Scalable IPv6 Lookup/Update Design for High-Throughput Routers Authors: Chung-Ho Chen, Chao-Hsien Hsu, Chen -Chieh Wang Presenter: Yi-Sheng, Lin ( 林意勝.
1 FPGA-based ROM-free network intrusion detection using shift-OR circuit Department of Computer Science and Information Engineering National Cheng Kung.

1 FPGA-based ROM-free network intrusion detection using shift-OR circuit Department of Computer Science and Information Engineering National Cheng Kung.
Compact State Machines for High Performance Pattern Matching Department of Computer Science and Information Engineering National Cheng Kung University,

Compact State Machines for High Performance Pattern Matching Department of Computer Science and Information Engineering National Cheng Kung University,
1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,

1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,
An Efficient and Scalable Pattern Matching Scheme for Network Security Applications Department of Computer Science and Information Engineering National.

An Efficient and Scalable Pattern Matching Scheme for Network Security Applications Department of Computer Science and Information Engineering National.
Pipelined Architecture For Multi-String Match Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C.

Pipelined Architecture For Multi-String Match Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C.
1 Performance Improvement of Two-Dimensional Packet Classification by Filter Rephrasing Department of Computer Science and Information Engineering National.

1 Performance Improvement of Two-Dimensional Packet Classification by Filter Rephrasing Department of Computer Science and Information Engineering National.
1 An innovative low-cost Classification Scheme for combined multi-Gigabit IP and Ethernet Networks Department of Computer Science and Information Engineering.

1 An innovative low-cost Classification Scheme for combined multi-Gigabit IP and Ethernet Networks Department of Computer Science and Information Engineering.
1 Fast and Memory-Efficient Regular Expression Matching for Deep Packet Inspection Department of Computer Science and Information Engineering National.

1 Fast and Memory-Efficient Regular Expression Matching for Deep Packet Inspection Department of Computer Science and Information Engineering National.

Similar presentations

Ads by Google