A new approach to text searching
Communications of the ACM
Efficient string matching: an aid to bibliographic search
Communications of the ACM
Programming Techniques: Regular expression search algorithm
Communications of the ACM
Algorithms to accelerate multiple regular expressions matching for deep packet inspection
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Compilers: Principles, Techniques, and Tools (2nd Edition)
Compilers: Principles, Techniques, and Tools (2nd Edition)
Advanced algorithms for fast and scalable deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Curing regular expressions matching algorithms from insomnia, amnesia, and acalculia
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Exact multi-pattern string matching on the cell/b.e. processor
Proceedings of the 5th conference on Computing frontiers
XFA: Faster Signature Matching with Extended Automata
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
An improved DFA for fast regular expression matching
ACM SIGCOMM Computer Communication Review
iNFAnt: NFA pattern matching on GPGPU devices
ACM SIGCOMM Computer Communication Review
GrAVity: a massively parallel antivirus engine
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Hi-index | 0.00 |
Regular expression matching is the heart of many data processing routines, such as string search, network traffic filtering, etc. The traditional way of regexp matching is building and execution of a deterministic finite automaton (DFA), that provides O(1) processing time per 1 input symbol for any regular expression. But this technique almost always forces many modern SIMD-processors to perform regexp search in scalar mode, thus it doesn't use the most part of their computational power. This paper represents traditional straightforward DFA along with another regexp implementation, based on nondeterministic finite automata (NFA) SIMD-simulation on Cell Broadband Engine processor. Software implementation of NFA-based SIMD algorithm achieves as much as 10 Gbit/s per one Cell BE processor with 512 NFA states, thus it is feasible for preliminary network traffic filtering of suspicious objects, while DFA-based scalar one gains up to 60 Gbit/s with 60-state automaton. One Cell BE processor can maintain NFA of 6000..7000 overall states simultaneously, so if one wants to use signatures with more that 512 states, it's possible with linear performance-to-signatures tradeoff.