Title :
Regular Expression Matching for Reconfigurable Constraint Repetition Inspection
Author :
Faezipour, Miad ; Nourani, Mehrdad
Author_Institution :
Center for Integrated Circuits & Syst., Univ. of Texas at Dallas, Richardson, TX
Abstract :
Recent network intrusion detection systems (NIDS) use regular expressions to represent suspicious or malicious character sequences in packet payloads in a more efficient way. This paper introduces a new basic building block based on Non- deterministic Finite Automata (NFA) hardware implementation to support complex constraint repetitions in regular expressions. This block is a customized counter capable of handling any type of constraint repetition, applicable to any sub-regular expression. We also introduce optimization techniques to reduce the area and improve the overall performance. We have examined SNORT IDS regular expressions by taking advantage of the basic NFA building blocks, our proposed counting block and our proposed optimization techniques. We report experimental results for our architecture that verify area saving and performance improvement.
Keywords :
finite automata; optimisation; pattern matching; security of data; malicious character sequences; network intrusion detection systems; nondeterministic finite automata; optimization techniques; packet payloads; reconfigurable constraint repetition inspection; regular expression matching; suspicious character sequences; Automata; Computer languages; Constraint optimization; Costs; Counting circuits; Field programmable gate arrays; Hardware; Inspection; Intrusion detection; Payloads;
Conference_Titel :
Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE
Conference_Location :
New Orleans, LO
Print_ISBN :
978-1-4244-2324-8
DOI :
10.1109/GLOCOM.2008.ECP.403
