| Summary: | 碩士 === 國立成功大學 === 資訊工程學系 === 103 === In recent years, since the scale of Internet traffic grows at a pretty rapid speed, many malicious packets and attacks are common and spread over the Internet. Thus, Network Intrusion Detection System (NIDS) which supervises network activities for keeping our computers away from danger becomes more and more important. With predefined rules, NIDS suspects the payloads of network packets which is known as Deep Packet Inspection (DPI) to find out all the virus patterns. So, regular expression matching which is a searching algorithm used in DPI needs to be very fast and consume small memory space. Deterministic Finite Automata (DFA) is a classical method that performs regular expression matching. The feature of DFA is that it has the great performance of searching but suffers from well-known state explosion problem at the expense of large memory usage because of Kleene closures such as “.*” and “[^a]*” appearing in complex rules.
In this thesis, we propose a memory efficient regular expression matching algorithm called Failureless Segmented FA (FSFA) with an acceptable searching speed. In FSFA, We eliminate Kleene closures by using additional data structures in order to reduce a large amount of states. And, we further reduce the transitions by using default state compression technique. Moreover, we map our proposed FSFA onto the hardware architecture in a pipelined manner to improve the throughput. Our performance results implemented on a PC software environment show that our scheme only needs 1% of states needed in the DFA and 2% to 22% of states needed in the JFA. And, in the hardware architecture, our performance results implemented on Xilinx Virtex-7 XC7V2000T FPGA show that the throughput can reach up to 2.85 Gbps.
|
|---|
