TY - GEN
T1 - A multiple simple regular expression matching architecture and coprocessor for deep packet inspection
AU - Zhang, Wei
AU - Xue, Yibo
AU - Wang, Dongsheng
AU - Song, Tian
PY - 2008
Y1 - 2008
N2 - Pattern matching and regular expression matching are all the critical components for content inspection based applications. But current regular expression matching algorithms or architecture cannot provide a perfect solution for whole matching problem. In some real network security applications, exact strings are the biggest part of rule set, and the second part is simple regular expressions (Dot-Star and AND-Logic), and the other complex regular expressions only occupy a very small part. So, we propose a new hardware-based multiple simple regular expression matching architecture, called MSRM, for Dot-Star and AND-Logic regular expressions. Firstly, software compiler splits simple regular expressions into exact strings and relations. Multi-string-matching module judges whether strings match and outputs the matched ID. Based on these matched information and pre-generated RAM data, MSRM can judge whether Dot-Star and AND-Logic regular expressions are satisfied easily and quickly. Experiments with random test data and ClamAV rule set show that MSRM can achieve a high throughput of 2.1 and 2.8 Gbps using Virtex2 and Virtex4 devices respectively which is much higher than software algorithms.
AB - Pattern matching and regular expression matching are all the critical components for content inspection based applications. But current regular expression matching algorithms or architecture cannot provide a perfect solution for whole matching problem. In some real network security applications, exact strings are the biggest part of rule set, and the second part is simple regular expressions (Dot-Star and AND-Logic), and the other complex regular expressions only occupy a very small part. So, we propose a new hardware-based multiple simple regular expression matching architecture, called MSRM, for Dot-Star and AND-Logic regular expressions. Firstly, software compiler splits simple regular expressions into exact strings and relations. Multi-string-matching module judges whether strings match and outputs the matched ID. Based on these matched information and pre-generated RAM data, MSRM can judge whether Dot-Star and AND-Logic regular expressions are satisfied easily and quickly. Experiments with random test data and ClamAV rule set show that MSRM can achieve a high throughput of 2.1 and 2.8 Gbps using Virtex2 and Virtex4 devices respectively which is much higher than software algorithms.
KW - Deep packet inspection
KW - Network security
KW - Pattern matching
KW - Regular expression
UR - http://www.scopus.com/inward/record.url?scp=55849141297&partnerID=8YFLogxK
U2 - 10.1109/APCSAC.2008.4625475
DO - 10.1109/APCSAC.2008.4625475
M3 - Conference contribution
AN - SCOPUS:55849141297
SN - 9781424426836
T3 - 13th IEEE Asia-Pacific Computer Systems Architecture Conference, ACSAC 2008
BT - 13th IEEE Asia-Pacific Computer Systems Architecture Conference, ACSAC 2008
T2 - 13th IEEE Asia-Pacific Computer Systems Architecture Conference, ACSAC 2008
Y2 - 4 August 2008 through 6 August 2008
ER -