Compression and message matching method for deep message detection deterministic finite automation (DFA) state transfer tables

A technology of in-depth message inspection and state transfer table, which is applied in the field of network security equipment and data communication, can solve the problem of not being able to adapt to the traffic of multiple Gigabit network interfaces, and achieve the effect of reducing storage space requirements

Active Publication Date: 2011-05-25
丁贤根
View PDF4 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the characteristics of DRAM, when accessing the DRAM storage unit, it is necessary to open and close the internal ranks of the DRAM, and random access to data takes tens of nanoseconds, so the packet matching speed cannot adapt to the traffic of multiple Gigabit network interfaces

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Compression and message matching method for deep message detection deterministic finite automation (DFA) state transfer tables
  • Compression and message matching method for deep message detection deterministic finite automation (DFA) state transfer tables
  • Compression and message matching method for deep message detection deterministic finite automation (DFA) state transfer tables

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The specific embodiments of the present invention will be further described below in conjunction with the accompanying drawings.

[0030] Table 1 shows an existing DFA state transition table using a standard two-dimensional linear array storage format.

[0031]

[0032] As shown in Table 1, the abscissa 0~255 is the input character (8 bits wide, 256 in total), and the ordinate S(0)~S(N) is the state. Each line represents the transition state corresponding to each input character in this state. If the input character has no transition state, it means that the match fails and ends. According to the two-dimensional linear array addressing mode, use (state, input character) as an index to find the transition state from the DFA state transition table.

[0033] Through the analysis of the DFA state transition tables converted from many regular expressions, two characteristics can be found: a) the table is sparse, that is, a considerable part (state, input character) has ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a compression and message matching method for deep message detection deterministic finite automation (DFA) state transfer tables. Before network equipment carries out seven-layer deep detection on the messages, a character library described in regular expression is needed to be converted into the DFA state transfer table, and the table is generally very large and is difficult to store and to realize high-speed message matching. In the method, a bitmap coding mode is used to compress the DFA state transfer table, a compressible part can be stored in a high-speed memory after being compressed, and an incompressible part is stored in a dynamic random access memory (DRAM), so the storage space occupied by the DFA state transfer table is effectively reduced, and the high-speed message matching is easily realized.

Description

technical field [0001] The invention relates to the field of data communication, in particular to the field of network security equipment, and in particular to a method for compressing a DFA state transition table and matching a message, which is applied to deep message detection. Background technique [0002] There are many architectures in computer networks. In order to solve the interconnection problem of networks with different architectures, the International Organization for Standardization ISO formulated an open system interconnection reference model in 1981. This model divides the work of network communication into 7 layers. They are the Physical Layer, the Data Link Layer, the Network Layer, and the Transport Layer from low to high. Session Layer (Session Layer), that layer (Presentation Layer) and application layer (Application Layer). The first to third layers belong to the lower three layers of the OSI reference model, responsible for creating links for network ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06
Inventor 缪庆军丁贤根
Owner 丁贤根
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap