Out-of-order data packet string matching method and system

A string matching and string technology, applied in digital transmission systems, transmission systems, data exchange networks, etc., can solve problems such as filling holes without considering data packets, and incomplete logic.

Inactive Publication Date: 2015-07-22
INST OF INFORMATION ENG CAS
View PDF2 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method is very similar to the present invention, but the DAWG does not consider the cas

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Out-of-order data packet string matching method and system
  • Out-of-order data packet string matching method and system
  • Out-of-order data packet string matching method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0080] A kind of out-of-sequence packet string matching method, is characterized in that, comprises the following steps:

[0081] Step 1: Initialize and determine the finite state automaton DFA and the pattern suffix tree PST, the return value of the determined finite state automaton is the matching state and the matching list, the return value of the pattern suffix tree is the search state and the search mark, and the matching set state and lookup_state to zero, set lookup_flag to false;

[0082] Step 2: Initialize the buffer, and receive the character strings transmitted in the network and obtained by dividing the data stream one by one, and each of the data streams is composed of at least two character strings arranged in an orderly manner;

[0083] Step 3: Find the data stream to which each string belongs, and set the sequence number, prefix and suffix for each string according to the data stream to which it belongs, and obtain the strings belonging to the same data stream...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an out-of-order data packet string matching method and system. The out-of-order data packet string matching method comprises the following steps of initializing and determining a finite state automata DFA and a mode suffix tree PST; initializing a buffering area and receiving character strings transmitted in network and obtained through data flows one by one, wherein every data flow is formed by at least two character strings orderly; obtaining character strings belonging to the same data flow one by one; setting and determining a current state of the finite state automata if the current character string has a prefix; adding a finding state to the tail of the current character string and obtaining a combined fragment if the current character string has the suffix; inputting the combined fragment to the finite state automata; storing the current character string information and enabling the current character string to pass. According to the out-of-order data packet string matching method, the model does not need caching of the data package but only caches states and accordingly matching of the character string with out-of-order data package is achieved.

Description

technical field [0001] The invention relates to a method for detecting network data packets, in particular to a string matching method and system for out-of-order data packets. Background technique [0002] Network security devices, such as intrusion detection / prevention systems IDS / IPS have been widely deployed. Briefly, an intrusion detection system listens for data packets at the link layer and warns of possible intrusions. An intrusion prevention system is very close to an intrusion detection system, but it is inline and just drops malicious packets instead of generating warnings. Most intrusion detection / prevention systems are based on strings or regular expressions, and they have their own set of strings or regular expressions against which to match the payload of the packet. When a match is successful, the packet is deemed malicious. [0003] A flow in a network is a finite sequence of packets with the same 5-tuple (source IP, destination IP, source port, destinati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/861G06F17/30
CPCH04L49/9057G06F16/90344G06F2207/025
Inventor 张鹏于越杨嵘朱嵬刘庆云
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap