The Compilation of Regular Expressions into Integrated Circuits
Journal of the ACM (JACM)
Efficient string matching: an aid to bibliographic search
Communications of the ACM
A String Matching Algorithm Fast on the Average
Proceedings of the 6th Colloquium, on Automata, Languages and Programming
Implementation of a Content-Scanning Module for an Internet Firewall
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Enhancing byte-level network intrusion detection signatures with context
Proceedings of the 10th ACM conference on Computer and communications security
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Fast Regular Expression Matching Using FPGAs
FCCM '01 Proceedings of the the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A High Throughput String Matching Architecture for Intrusion Detection and Prevention
Proceedings of the 32nd annual international symposium on Computer Architecture
Algorithms to accelerate multiple regular expressions matching for deep packet inspection
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Introduction to Automata Theory, Languages, and Computation (3rd Edition)
Introduction to Automata Theory, Languages, and Computation (3rd Edition)
Advanced algorithms for fast and scalable deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Fast and memory-efficient regular expression matching for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
An improved algorithm to accelerate regular expression evaluation
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
An improved DFA for fast regular expression matching
ACM SIGCOMM Computer Communication Review
Compact architecture for high-throughput regular expression matching on FPGA
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Efficient regular expression evaluation: theory to practice
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Extending finite automata to efficiently match Perl-compatible regular expressions
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Software toolchain for large-scale RE-NFA construction on FPGA
International Journal of Reconfigurable Computing - Special issue on selected papers from ReConFig 2008
Regular Expression Matching on Graphics Hardware for Intrusion Detection
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
APFA: Asynchronous Parallel Finite Automaton for Deep Packet Inspection in Cloud Computing
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Slimming down Deep packet inspection systems
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Managing intrusion detection rule sets
Proceedings of the Third European Workshop on System Security
Second-order differential encoding of deterministic finite automata
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Robust and fast pattern matching for intrusion detection
INFOCOM'10 Proceedings of the 29th conference on Information communications
NetShield: massive semantics-based vulnerability signature matching for high-speed networks
Proceedings of the ACM SIGCOMM 2010 conference
NFA split architecture for fast regular expression matching
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Range hash for regular expression pre-filtering
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Managing networks through context: Graph visualization and exploration
Computer Networks: The International Journal of Computer and Telecommunications Networking
iNFAnt: NFA pattern matching on GPGPU devices
ACM SIGCOMM Computer Communication Review
Evaluating regular expression matching engines on network and general purpose processors
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Network DVR: a programmable framework for application-aware trace collection
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
Improving NFA-based signature matching using ordered binary decision diagrams
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Selective regular expression matching
ISC'10 Proceedings of the 13th international conference on Information security
SPAF: stateless FSA-based packet filters
IEEE/ACM Transactions on Networking (TON)
Fast, memory-efficient regular expression matching with NFA-OBDDs
Computer Networks: The International Journal of Computer and Telecommunications Networking
Differential encoding of DFAs for fast regular expression matching
IEEE/ACM Transactions on Networking (TON)
MIDeA: a multi-parallel intrusion detection architecture
Proceedings of the 18th ACM conference on Computer and communications security
Chain-Based DFA Deflation for Fast and Scalable Regular Expression Matching Using TCAM
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
GPU-based NFA implementation for memory efficient high speed regular expression matching
Proceedings of the 17th ACM SIGPLAN symposium on Principles and Practice of Parallel Programming
Fast protocol recognition by network packet inspection
ICONIP'11 Proceedings of the 18th international conference on Neural Information Processing - Volume Part II
Managing DFA History with Queue for Deflation DFA
Journal of Network and Systems Management
A prefiltering approach to regular expression matching for network security systems
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Scalable lookahead regular expression detection system for deep packet inspection
IEEE/ACM Transactions on Networking (TON)
Kargus: a highly-scalable software-based intrusion detection system
Proceedings of the 2012 ACM conference on Computer and communications security
Deep packet inspection tools and techniques in commodity platforms: Challenges and trends
Journal of Network and Computer Applications
Proceedings of the Fifth International Conference on Security of Information and Networks
Fast submatch extraction using OBDDs
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
MCA2: multi-core architecture for mitigating complexity attacks
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
SDFA: series DFA for memory-efficient regular expression matching
CIAA'12 Proceedings of the 17th international conference on Implementation and Application of Automata
GPP-Grep: high-speed regular expression processing engine on general purpose processors
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
A-DFA: A Time- and Space-Efficient DFA Compression Algorithm for Fast Regular Expression Evaluation
ACM Transactions on Architecture and Code Optimization (TACO)
Designing a Programmable Wire-Speed Regular-Expression Matching Accelerator
MICRO-45 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture
Proceedings of the ACM International Conference on Computing Frontiers
Towards fast regular expression matching in practice
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Scalable TCAM-based regular expression matching with compressed finite automata
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Picking pesky parameters: optimizing regular expression matching in practice
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Exploring the design space of programmable regular expression matching accelerators
Journal of Systems Architecture: the EUROMICRO Journal
Fast Regular Expression Matching Using Small TCAM
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
Deterministic finite automata (DFAs) are widely used to perform regular expression matching in linear time. Several techniques have been proposed to compress DFAs in order to reduce memory requirements. Unfortunately, many real-world IDS regular expressions include complex terms that result in an exponential increase in number of DFA states. Since all recent proposals use an initial DFA as a starting-point, they cannot be used as comprehensive regular expression representations in an IDS. In this work we propose a hybrid automaton which addresses this issue by combining the benefits of deterministic and non-deterministic finite automata. We test our proposal on Snort rule-sets and we validate it on real traffic traces. Finally, we address and analyze the worst case behavior of our scheme and compare it to traditional ones.