A PCRE Pattern Matching Architecture with Common Prefix Sharing and Common String Sharing
Date Issued
2011
Date
2011
Author(s)
Liao, Po-Chun
Abstract
Network security is important for both system managers and end users. Lots of network intrusion detection systems (NIDS) use regular expressions or PCREs as a description language to represent their signature patterns. To keep up the network flow rate, hardware PCRE pattern matching architectures based on NFA or DFA are proposed. Owing to the ever signature patterns, the circuit area required to implement the pattern matching architecture for regular expression is becoming large. Thus, the reduction of the area of the circuit becomes an important issue. In this thesis, we reduce the circuits required to realize an NFA-based hardware architecture with common prefix sharing, common string sharing, pre-decode and character-class blocks. We design an algorithm to fetch as more common prefix as possible. The common string sharing can further reduce the circuit area without increasing the complexity. In addition, we test as many as 2281 snort rules, quiet many rules, in the experiment. The experiment results show that our approach is able to generate a regular pattern engine to match 2281 rules and is able to reduce 35.5% logic cells on a virtex-6 device. It is effective to reduce the area of circuit.
Subjects
NIDS
Pattern Matching
Regular Expression
PCRE
NFA
Type
thesis
File(s)![Thumbnail Image]()
Loading...
Name
ntu-100-R98921051-1.pdf
Size
23.32 KB
Format
Adobe PDF
Checksum
(MD5):a4a2726dac77154249fc785b1e4afe61