一种基于多线程的混合深度包检测方法

A Deep Packet Inspection Method Based on Multi-Threading

下载PDF

导出

摘要为了提高网络入侵检测速度和稳定性,提出了一种基于多线程的混合深度包检测方法.该方法首先采用正则表达式的线性系数来对规则集中的正则表达式进行分组,然后对不同正则表达式组采用不同压缩技术进行状态位压缩,生成不同FA(Finite Automata),最后采用多线程技术对生成的不同FA进行检测.通过实验验证,得出该方法具有较高的压缩和处理性能,同时能有效提高检测的速度和稳定性. The paper proposed a deep packet inspection method based on multi-threading. In this meth- od, the regular expressions of the rule sets were grouped by using regular expressions linear coefficient. Then the regular expressions generated different Finite Automata by using different compression technology to compress the status bit. Finally, the different Finite Automata were detected by using multi-threading technology. The experiments show that the method has higher compression and processing performance, and effectively improves the speed and stability of the detection.

作者林丽娜洪联系

机构地区集美大学诚毅学院

出处《集美大学学报（自然科学版）》 CAS 2014年第6期472-476,共5页 Journal of Jimei University：Natural Science

基金福建省教育厅资助项目(JA14368 C13001)

关键词正则表达式深度包检测多线程有限自动机网络安全 Regular expression Deep packet inspection Multi-threaded Finite automata Network security

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献10

1KUMARS, DHARMAP URI KAR S, YU F, et al. Algorithms to accelerate multiple regular expressions matching for deep packet inspection [ C ] //Proceedings of the 2006.
2Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. New York: ACM Press, 2006: 339-350.
3SMITHR, ESTAN C, JHA S. XFA : Faster signature matching with extended automata [ C ] //Proceedings of the 2008 IEEE Symposium Security and Privacy. Washington, DC: IEEE, 2008: 187-201.
4BECCHI M, CROWLEY P. Extending finite automata to efficiently nmteh Perl-compatible regular expressions [ C ] // Proceedings of the 2008 ACM CoNEXT Conference. New York : ACM Press, 2008 : 108.
5XIE T, FENG D G. A new differential for MD5 with its full differential path [EB/OL]. [2009-04-10]. http: //print. iacr. org/2008/230, pdf.
6YU F, CHEN Z, DIAO Y, et al. Fast and memory-efficient regular expression matching for deep packet inspection [ C] //Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Net Systems working and Communications. New York: ACM Press, 2006: 93-102.
7徐乾,鄂跃鹏,葛敬国,钱华林.深度包检测中一种高效的正则表达式压缩算法[J].软件学报,2009,20(8):2214-2226. 被引量：28
8于强,霍红卫.一组提高存储效率的深度包检测算法[J].软件学报,2011,22(1):149-163. 被引量：14
9ZHENG LI, NENGHAI YU, YANG LI. Asynchronous Parallel Finite Automaton: a new mechanism for deep packet in- spection in cloud computing [J]. Journal of Internet Technology, 2010, 11(2) : 147-152.
10姚远,刘鹏,单征,田双鹏.面向存储的正则表达式匹配算法综述[J].计算机应用,2009,29(12):3171-3173. 被引量：13

二级参考文献44

1李伟男,鄂跃鹏,葛敬国,钱华林.多模式匹配算法及硬件实现[J].软件学报,2006,17(12):2403-2415. 被引量：42
2MITRA A, NAJJAR W, BHUYAN L. Compiling PCRE to FPGA for accelerating SNORT IDS [C]//Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and Communications Systems. New York: ACM Press, 2007:127 - 136.
3BRODIE B, CYTRON R K, TAYLOR D E. A scalable architecture for high-throughput regular-expression pattern matching [ C ]// ISCA '06: Proceedings of the 33rd Annual Intemational Symposium on Computer Architecture. New York: ACM Press, 2006:191 - 202.
4LEE J, HWANG S H, PARK N. A high performance NIDS using FPGA-based regular expression matching [ C]// Proceedings of the 2007 ACM Symposium on Applied Computing. New York: ACM Press, 2007:1187 - 1191.
5LO C-T D, TAI Y-G, PSARRIS K. Hardware implementation for network intrusion detection rules with regular expression support [C]//Proceedings of the 2008 ACM Symposium on Applied Computing. New York: ACM Press, 2008: 1535- 1539.
6KUMAR S, DHARMAPURIKAR S, YU F, et al. Algorithms to accelerate multiple regular expressions matching for deep packet inspection [C]// Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. New York: ACM Press, 2006:339-350.
7KUMAR S, TURNER J, WILLIAMS J. Advanced algorithms for fast and scalable deep packet inspection [C]//Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Networking and Communications Systems. New York: ACM Press, 2006:81 -92.
8BECCHI M, CROWLEY P. An improved algorithm to accelerate regular expression evaluation [ C]// Proceedings of the 3rd ACM/ IEEE Symposium on Architecture for Networking and Communications Systems. New York: ACM Press, 2007, 145 - 154.
9FICARA D, GIORDANO S, PROCISSI G, et al. An improved DFA for fast regular expression matching [J]. ACM SIGCOMM Computer Communication Review, 2008,38(5) :29 -40.
10SMITH R, ESTAN C, JHA S. Xfa: Faster signature matching with extended automata [C]// Proceedings of the 2008 IEEE Symposium on Security and Privacy. Washington, DC: IEEE, 2008:187 -201.

共引文献46

1肖武德.一种正则表达式的高效分组算法[J].计算机安全,2010(4):57-59. 被引量：4
2余平,胡玲.深度包检测消息传递技术[J].内江师范学院学报,2010,25(8):41-43. 被引量：1
3张树壮,罗浩,方滨兴,云晓春.一种面向网络安全检测的高性能正则表达式匹配算法[J].计算机学报,2010,33(10):1976-1986. 被引量：27
4王志佳,顾健.一种改进的自动机压缩算法在深度包检测中的应用[J].信息网络安全,2010(10):76-78. 被引量：2
5邓凯元,姜磊.正则表达式匹配引擎性能分析[J].计算机与现代化,2011(7):105-107. 被引量：11
6韩光辉,曾诚.正则表达式方程组的最小解[J].电脑与信息技术,2011,19(5):1-4. 被引量：1
7唐球,姜磊,谭建龙,刘金刚.基于FPGA的正则表达式匹配算法综述[J].计算机应用,2011,31(11):2943-2946. 被引量：1
8李鲲鹏,兰巨龙,李印海.基于Bloom filter的高效正则表达式匹配算法[J].计算机应用研究,2012,29(3):950-954. 被引量：4
9张墨华,李戈.基于中间点划分无冲突哈希的高速包处理[J].计算机应用,2012,32(4):999-1002.
10陈捷.面向网络安全的正则表达式匹配技术[J].中国科技博览,2012(9):303-303.

1付蕾.基于有限自动机的网络入侵检测技术[J].中国科技博览,2009(36):342-342.
2Xiangru XU, Yiguang HONG Key Laboratory of Systems and Control, Academy of Mathematics and Systems Science, Chinese Academy of Sciences, Beijing 100190, China.Matrix expression and reachability analysis of finite automata[J].控制理论与应用（英文版）,2012,10(2):210-215. 被引量：15
3王伟文,方环,张传林.保邻域结构的拉普拉斯特征映射延拓[J].计算机工程与应用,2017,53(8):61-67.
4YAOGang.Decomposing a Kind of Weakly Invertible Finite Automata with Delay 2[J].Journal of Computer Science & Technology,2003,18(3):354-360. 被引量：3
5Yongyi YAN,Zengqiang CHEN,Zhongxin LIU.Semi-tensor product of matrices approach to reachability of finite automata with application to language recognition[J].Frontiers of Computer Science,2014,8(6):948-957. 被引量：10
6LI YongMing College of Computer Science, Shaanxi Normal University, Xi’an 710062, China.Finite automata based on quantum logic and monadic second-order quantum logic[J].Science China(Information Sciences),2010,53(1):101-114. 被引量：2
7徐进学,谈大龙,柴天佑.具有不确定扰动的机器人基于内模的鲁棒学习控制(英文)[J].沈阳化工学院学报,1999,13(1):55-61.
8陶仁骥,陈世华.Structure of Weakly Invertible Semi—Input—Memory Finite Automata with Delay 1[J].Journal of Computer Science & Technology,2002,17(4):369-376. 被引量：4
9Yongyi Yan,Zengqiang Chen,Zhongxin Liu.Semi-tensor product approach to controllability and stabilizability of finite automata[J].Journal of Systems Engineering and Electronics,2015,26(1):134-141. 被引量：12
10初凤红,王计元.基于倏逝波吸收的塑料光纤葡萄糖传感特性[J].中国激光,2012,39(5):146-149. 被引量：2

集美大学学报（自然科学版）

2014年第6期

浏览历史

内容加载中请稍等...

一种基于多线程的混合深度包检测方法

参考文献10

二级参考文献44

共引文献46

相关作者

相关机构

相关主题

浏览历史