Data structures and network algorithms
Data structures and network algorithms
Efficient string matching: an aid to bibliographic search
Communications of the ACM
Implementation of a Content-Scanning Module for an Internet Firewall
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Enhancing byte-level network intrusion detection signatures with context
Proceedings of the 10th ACM conference on Computer and communications security
Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Fast Regular Expression Matching Using FPGAs
FCCM '01 Proceedings of the the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Algorithms to accelerate multiple regular expressions matching for deep packet inspection
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Introduction to Automata Theory, Languages, and Computation (3rd Edition)
Introduction to Automata Theory, Languages, and Computation (3rd Edition)
Advanced algorithms for fast and scalable deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Fast and memory-efficient regular expression matching for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Network Algorithmics,: An Interdisciplinary Approach to Designing Fast Networked Devices (The Morgan Kaufmann Series in Networking)
A hybrid finite automaton for practical deep packet inspection
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Deflating the big bang: fast and scalable deep packet inspection with extended finite automata
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
An improved DFA for fast regular expression matching
ACM SIGCOMM Computer Communication Review
Efficient signature matching with multiple alphabet compression tables
Proceedings of the 4th international conference on Security and privacy in communication netowrks
A remotely accessible network processor-based router for network experimentation
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Compact architecture for high-throughput regular expression matching on FPGA
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Efficient regular expression evaluation: theory to practice
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Extending finite automata to efficiently match Perl-compatible regular expressions
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
PLUG: flexible lookup modules for rapid deployment of new protocols in high-speed routers
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Software toolchain for large-scale RE-NFA construction on FPGA
International Journal of Reconfigurable Computing - Special issue on selected papers from ReConFig 2008
Optimized memory based accelerator for scalable pattern matching
Microprocessors & Microsystems
Multi-byte Regular Expression Matching with Speculation
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
APFA: Asynchronous Parallel Finite Automaton for Deep Packet Inspection in Cloud Computing
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Slimming down Deep packet inspection systems
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Second-order differential encoding of deterministic finite automata
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Compact DFA structure for multiple regular expressions matching
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Robust and fast pattern matching for intrusion detection
INFOCOM'10 Proceedings of the 29th conference on Information communications
Range hash for regular expression pre-filtering
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Evaluating regular expression matching engines on network and general purpose processors
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Theoretic analysis of finite automata for memory-based pattern matching
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Improving NFA-based signature matching using ordered binary decision diagrams
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Optimizing Deep Packet Inspection for High-Speed Traffic Analysis
Journal of Network and Systems Management
Deterministic finite automata characterization and optimization for scalable pattern matching
ACM Transactions on Architecture and Code Optimization (TACO)
Enhancing counting bloom filters through Huffman-coded multilayer structures
IEEE/ACM Transactions on Networking (TON)
SPAF: stateless FSA-based packet filters
IEEE/ACM Transactions on Networking (TON)
Compressing regular expressions' DFA table by matrix decomposition
CIAA'10 Proceedings of the 15th international conference on Implementation and application of automata
TCAM-based DFA deflation: a novel approach to fast and scalable regular expression matching
Proceedings of the Nineteenth International Workshop on Quality of Service
Fast, memory-efficient regular expression matching with NFA-OBDDs
Computer Networks: The International Journal of Computer and Telecommunications Networking
Differential encoding of DFAs for fast regular expression matching
IEEE/ACM Transactions on Networking (TON)
Chain-Based DFA Deflation for Fast and Scalable Regular Expression Matching Using TCAM
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Fast and Compact Regular Expression Matching Using Character Substitution
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
GPU-based NFA implementation for memory efficient high speed regular expression matching
Proceedings of the 17th ACM SIGPLAN symposium on Principles and Practice of Parallel Programming
Predictive pattern matching for scalable network intrusion detection
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Deterministic finite automata characterization for memory-based pattern matching
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Fast protocol recognition by network packet inspection
ICONIP'11 Proceedings of the 18th international conference on Neural Information Processing - Volume Part II
Managing DFA History with Queue for Deflation DFA
Journal of Network and Systems Management
Scalable lookahead regular expression detection system for deep packet inspection
IEEE/ACM Transactions on Networking (TON)
Accelerating multipattern matching on compressed HTTP traffic
IEEE/ACM Transactions on Networking (TON)
Deep packet inspection tools and techniques in commodity platforms: Challenges and trends
Journal of Network and Computer Applications
Fast submatch extraction using OBDDs
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
MCA2: multi-core architecture for mitigating complexity attacks
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
Exploring different automata representations for efficient regular expression matching on GPUs
Proceedings of the 18th ACM SIGPLAN symposium on Principles and practice of parallel programming
A-DFA: A Time- and Space-Efficient DFA Compression Algorithm for Fast Regular Expression Evaluation
ACM Transactions on Architecture and Code Optimization (TACO)
Designing a Programmable Wire-Speed Regular-Expression Matching Accelerator
MICRO-45 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture
Multi-gigabit traffic identification on GPU
Proceedings of the first edition workshop on High performance and programmable networking
Proceedings of the ACM International Conference on Computing Frontiers
Scalable TCAM-based regular expression matching with compressed finite automata
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Exploring the design space of programmable regular expression matching accelerators
Journal of Systems Architecture: the EUROMICRO Journal
Fast Regular Expression Matching Using Small TCAM
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
Modern network intrusion detection systems need to perform regular expression matching at line rate in order to detect the occurrence of critical patterns in packet payloads. While deterministic finite automata (DFAs) allow this operation to be performed in linear time, they may exhibit prohibitive memory requirements. In [9], Kumar et al. propose Delayed Input DFAs (D2FAs), which provide a trade-off between the memory requirements of the compressed DFA and the number of states visited for each character processed, which corresponds directly to the memory bandwidth required to evaluate regular expressions. In this paper we introduce a general compression technique that results in at most 2N state traversals when processing a string of length N. In comparison to the D2FA approach, our technique achieves comparable levels of compression, with lower provable bounds on memory bandwidth (or greater compression for a given bandwidth bound). Moreover, our proposed algorithm has lower complexity, is suitable for scenarios where a compressed DFA needs to be dynamically built or updated, and fosters locality in the traversal process. Finally, we also describe a novel alphabet reduction scheme for DFA-based structures that can yield further dramatic reductions in data structure size.