Sciweavers

Share
ANCS
2007
ACM

Curing regular expressions matching algorithms from insomnia, amnesia, and acalculia

11 years 9 months ago
Curing regular expressions matching algorithms from insomnia, amnesia, and acalculia
The importance of network security has grown tremendously and a collection of devices have been introduced, which can improve the security of a network. Network intrusion detection systems (NIDS) are among the most widely deployed such system; popular NIDS use a collection of signatures of known security threats and viruses, which are used to scan each packet's payload. Today, signatures are often specified as regular expressions; thus the core of the NIDS comprises of a regular expressions parser; such parsers are traditionally implemented as finite automata. Deterministic Finite Automata (DFA) are fast, therefore they are often desirable at high network link rates. DFA for the signatures, which are used in the current security devices, however require prohibitive amounts of memory, which limits their practical use. In this paper, we argue that the traditional DFA based NIDS has three main limitations: first they fail to exploit the fact that normal data streams rarely match any...
Sailesh Kumar, Balakrishnan Chandrasekaran, Jonath
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2007
Where ANCS
Authors Sailesh Kumar, Balakrishnan Chandrasekaran, Jonathan S. Turner, George Varghese
Comments (0)
books