Proceedings ArticleDOI
Advanced algorithms for fast and scalable deep packet inspection
Sailesh Kumar,Jonathan S. Turner,John Williams +2 more
- pp 81-92
Reads0
Chats0
TLDR
This paper introduces the content addressed delayed input DFA (CD2FA), which provides a compact representation of regular expressions that match the throughput of traditional uncompressed DFAs.Abstract:
Modern deep packet inspection systems use regular expressions to define various patterns of interest in network data streams. Deterministic finite automata (DFA) are commonly used to parse regular expressions. DFAs are fast, but can require prohibitively large amounts of memory for patterns arising in network applications. Traditional DFA table compression only slightly reduces the memory required and requires an additional memory access per input character. Alternative representations of regular expressions, such as NFAs and delayed input DFAs (D2FA) require less memory but sacrifice throughput. In this paper we introduce the content addressed delayed input DFA (CD2FA), which provides a compact representation of regular expressions that match the throughput of traditional uncompressed DFAs. A CD2FA addresses successive states of a D2FA using their content, rather than a "content-less" identifier. This makes selected information available earlier in the state traversal process, which makes it possible to avoid unnecessary memory accesses. We demonstrate that such content-addressing can be effectively used to obtain automata that are very compact and can achieve high throughput. Specifically, we show that for an application using thousands of patterns defined by regular expressions, CD2FAs use as little as 10% of the space required by a conventional compressed DFA, and match the throughput of an uncompressed DFA.read more
Citations
More filters
Tools and Algorithms for the Construction and Analysis of Systems, 7th International Conference, TACAS 2001, Genova, Italy, April 2-6, 2001
Tiziana Margaria,Wang Yi +1 more
TL;DR: This dissertation would like to discuss in detail the development of and use of the Erlang Verification Tool, a tool for Computer-Aided Analysis and Validation of Abstract State Machine Models, and its applications.
Journal ArticleDOI
Deflating the big bang: fast and scalable deep packet inspection with extended finite automata
TL;DR: Techniques are presented, inspired by principles used in compiler optimization, that systematically reduce runtime and per-flow state in deep packet inspection.
Proceedings ArticleDOI
A hybrid finite automaton for practical deep packet inspection
Michela Becchi,Patrick Crowley +1 more
TL;DR: This work proposes a hybrid automaton which addresses this issue by combining the benefits of deterministic and non-deterministic finite automata, and addresses the worst case behavior of the scheme and compares it to traditional ones.
Proceedings ArticleDOI
An improved algorithm to accelerate regular expression evaluation
Michela Becchi,Patrick Crowley +1 more
TL;DR: This paper introduces a general compression technique that results in at most 2N state traversals when processing a string of length N, and describes a novel alphabet reduction scheme for DFA-based structures that can yield further dramatic reductions in data structure size.
Journal ArticleDOI
Software-Defined Networking
TL;DR: This paper surveys existing technologies and the wide range of recent and state-of-the-art projects on SDN followed by an in-depth discussion of the major challenges in this area.
References
More filters
Book
Introduction to Automata Theory, Languages, and Computation
TL;DR: This book is a rigorous exposition of formal languages and models of computation, with an introduction to computational complexity, appropriate for upper-level computer science undergraduates who are comfortable with mathematical arguments.
Journal ArticleDOI
On the shortest spanning subtree of a graph and the traveling salesman problem
TL;DR: Kurosh and Levitzki as discussed by the authors, on the radical of a general ring and three problems concerning nil rings, Bull Amer Math Soc vol 49 (1943) pp 913-919 10 -, On the structure of algebraic algebras and related rings.
Proceedings Article
Snort - Lightweight Intrusion Detection for Networks
TL;DR: Snort provides a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected.
Journal ArticleDOI
Efficient string matching: an aid to bibliographic search
TL;DR: A simple, efficient algorithm to locate all occurrences of any of a finite number of keywords in a string of text that has been used to improve the speed of a library bibliographic search program by a factor of 5 to 10.
Journal ArticleDOI
On Representatives of Subsets
TL;DR: In this paper, a set S of mn things is divided into m classes of n things each in two distinct ways, (a) and (b); so that there are m (a)-classes and m (b)-classes.