Download now Free registration required
Multi-pattern string matching remains a major performance bottleneck in network intrusion detection and anti-virus systems for high-speed Deep Packet Inspection (DPI). Although Aho-Corasick Deterministic Finite Automaton (ACDFA) based solutions produce deterministic throughput and are widely used in today's DPI systems such as Snort and ClamAV, the high memory requirement of AC-DFA (due to the large number of state transitions in AC-DFA) inhibits efficient hardware implementation to achieve high performance. Some recent work has shown that the AC-DFA can be reduced to a character trie that contains only the forward transitions by incorporating pipelined processing.
- Format: PDF
- Size: 561.8 KB