摘要
针对无线自组网的网络带宽受限、对实时性业务支持较差、安全性不高等弊端,提出一种基于正则表达式匹配的分布式网络安全系统匹配(DREM)方法,协同利用每个节点资源完成分布式无线网络的安全防御。以无线自组网为应用场景,以移动嵌入式无线节点为运算平台,将匹配过程分为预过滤阶段和验证阶段:预处理阶段过滤一部分不满足的条目,在验证阶段根据预处理阶段的结果简化条目验证。实验表明精确匹配的计算效率提升平均达到82.1%以上。匹配方案可以有效对数据包进行检测和访问控制,对于中规模或大规模分布式无线节点具有良好适用性。
There is a growing demand for wireless network systems to examine the contents of data packages to improve network security and application services. A regular expression matching approach is given for distributed wireless network security systems, DREM (distributed regular expression matching), which divides the matching into a prefiltering stage and a verification stage. In prefiltering stage, a part of items will be filtered out so that items can be matched much simpler in the verifying stage. Tests show that these strategies speedup the analyses of regular expressions by 82. 1 % for regular expression sets. Emulations show that this system can be applied in medium and large distributed wireless network systems.
出处
《清华大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2013年第12期1676-1681,1687,共7页
Journal of Tsinghua University(Science and Technology)
基金
国家自然科学基金资助项目(61272174
91018003)
