Title :
A New Packet Filter Schema Based on Multi-level Signature Hash and DFA Grouping
Author :
Wang Yumeng ; Wang Yuping ; Xue Xingsi ; Zhang Chen ; Huo Yuanliang
Author_Institution :
Sch. of Comput. Sci. & Technol., Xidian Univ., Xi´an, China
Abstract :
Packet filter system based on high speed match engine of REGular EXPressions (REGEXP) plays an important role in domain of Intrusion Detection System (IDS), Deep Packet Inspection (DPI) system, network security and traffic monitoring, etc. However, the existing filter schemas suffer from several deficiencies in matching speed and memory footprint, such as traditional DFA matching, single-level signature hash and DFA grouping. To overcome these shortcomings, in this paper, a new packet filter schema based on multilevel signature and DFA grouping is proposed. In particular, an algorithm called "DFA pseudo-split" is presented in our proposal to overcome the shortage of signatures. The experimental results show that our proposal significantly outperforms the traditional filter schemas.
Keywords :
cryptography; telecommunication security; telecommunication traffic; DFA grouping; DFA matching; DFA pseudosplit; REGEXP; REGular EXPressions; deep packet inspection system; high speed match engine; intrusion detection system; matching speed; memory footprint; multilevel signature hash; network security; packet filter schema; single-level signature hash; traffic monitoring; Algorithm design and analysis; Educational institutions; Filtering algorithms; Hardware; Inspection; Security; Silicon; DFA signature; Deep Packet Inspection; Intrusion Detection System; Packet Filter System;
Conference_Titel :
Computational Intelligence and Security (CIS), 2014 Tenth International Conference on
Conference_Location :
Kunming
Print_ISBN :
978-1-4799-7433-7
DOI :
10.1109/CIS.2014.130
