A Prefiltering Approach to Regular Expression Matching for Network Security Systems

Regular Expression (RegEx) matching has been widely used in various networking and security applications. Despite much effort on this important problem, it remains a fundamentally difficult problem. DFA-based solutions can achieve high throughput, but require too much memory to be executed in high speed SRAM. NFA-based solutions require small memory, but are too slow. In this paper, the authors propose Regex-Filter, a prefiltering approach. The basic idea is to generate the RegEx print of RegEx set and use it to prefilter out most unmatched items. There are two key technical challenges: the generation of RegEx print and the matching process of RegEx print.

Provided by: Chinese Academy of Sciences Topic: Security Date Added: Apr 2012 Format: PDF

Find By Topic