Pattern matching method and device for data streams

A technology of pattern matching and data flow, which is applied in the directions of secure communication devices, electrical digital data processing, computer security devices, etc., can solve problems such as difficult to deal with, huge amount of calculation and communication, etc., to improve work efficiency, expand storage space, The effect of reducing the number of lookups

Inactive Publication Date: 2010-10-06
IBM CORP
View PDF3 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the amount of calculation and communication required by the existing pattern matching algorithm is very large
In general, DPI applications require a large amount of network traffic to match the pattern set containing a large number of patterns, and the required co

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Pattern matching method and device for data streams
  • Pattern matching method and device for data streams
  • Pattern matching method and device for data streams

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] The inventor found through research that: under a given detection window length, a large pattern set containing many patterns can always be divided into several mutually exclusive subsets, so that multiple parallel PM engines can The data stream fragments are processed separately based on these mutually exclusive subsets to achieve efficient pipeline operation and greatly improve the matching speed.

[0015] Here, the "mutually exclusive" relationship between patterns means that the same piece of data cannot match two patterns at the same time. The mutually exclusive pattern subset refers to the situation: when any pattern PA in one pattern subset SA is mutually exclusive with any pattern PB in another pattern subset SB, then the two patterns are considered Sets SA and SB are "mutually exclusive".

[0016] The inventor noticed that: when the length w of the detection window is given, some patterns can form mutual exclusion with other patterns under any circumstances (n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a pattern matching method and a pattern matching device for data streams. In the method, a pattern set comprising a plurality of patterns is divided into a plurality of mutually exclusive pattern subsets with a given detection window length, so pattern matching checks are performed on the mutually exclusive subsets in a plurality of pattern matching engines respectively, the searching times of the pattern matching engines are greatly decreased, and the working efficiency of a system is improved correspondingly.

Description

technical field [0001] The present invention relates to a pattern matching (FPM) method and apparatus for data streams. Background technique [0002] As a new firewall technology, deep packet inspection (DPI) technology has been widely used in intrusion detection / prevention system (IDS / IPS), spam / antivirus prevention, data leakage prevention, content filtering and other fields. Deep packet inspection technology deeply inspects each data packet and its payload passing through the firewall, and the DPI engine in it decides how to process the data packet based on a rule set of technologies such as fingerprint matching, heuristic technology, anomaly detection, and statistical analysis. In order to detect whether each data packet in the data stream, for example, has an attack feature, pattern matching / characteristic search technology is commonly used in the DPI engine to compare each suspicious byte in the data stream. However, the amount of calculation and communication require...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/36G06F21/00G06F21/55
Inventor 郑凯
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap