Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Deterministic finite-state machine construction method based on classification counter

A finite state machine and finite state technology, applied in computer security devices, instruments, computing, etc., can solve problems such as low matching efficiency and inability to repeat strings for many times, so as to improve the accuracy, reduce the number of transitions, and reduce errors. The effect of reporting

Active Publication Date: 2015-12-23
CHONGQING UNIV OF POSTS & TELECOMM
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But XFA can only count single characters, and can't do anything for repeated strings
The D2FA algorithm proposed by Kumar can compress the number of transfers, but its disadvantage is that the matching efficiency is low. For each character incentive, it may take multiple jumps along the default state to reach the target state.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deterministic finite-state machine construction method based on classification counter
  • Deterministic finite-state machine construction method based on classification counter
  • Deterministic finite-state machine construction method based on classification counter

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Below in conjunction with accompanying drawing, the present invention will be further described:

[0025] Such as figure 1 As shown, it is a method for determining the construction of a finite state machine according to an embodiment of the present invention, and the method includes:

[0026] 101. Read the rule set in the system, and check whether there are unconstructed rules in the rule set, and judge the construction complexity of the rule if there are unconstructed rules.

[0027] 102. Determine the construction complexity of the rules. The construction complexity refers to the complexity of the number of state points of the DFA generated by the rule formula. In the worst case, the construction complexity of a regular expression of length n is ο(2 n ). In practice, however, construction complexity is mostly linear, multiplicative, or quadratic. Regular expressions with certain characters or only wildcards have linear construction complexity, such as ^ABCD, ^AB.*...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention disclosesa deterministic finite-state machine construction method based on a classification counter, and belongs to the field of Internet intrusion inspection. The deterministic finite-state machine construction method comprises the following steps: firstly, classifying all regular expressions in a regular expression set (rule set) into a linear-level complexity class, a multiplication-level complexity class, a square-level complexity class and an exponential-level complexity class according to DFA (Deterministic Finite Automaton) construction complexity; then, generating a specific DFA with the counter for the regular expressions of each class of complexity; and finally, combining states which contain the same output excitation, and are not internal start states and internal end states in the DFA to generate a final ODFA (Overlaid Deterministic Finite Automaton). The reception message inspection speed of an intrusion inspection system can be quickened, accuracy is improved, a false alarm rate is lowered, and the consumption of memory resources by the system can be reduced. The construction method has a great practical application value.

Description

technical field [0001] The invention relates to the field of Internet intrusion detection, in particular to the construction and compression of a definite finite state machine corresponding to a regular expression in an intrusion detection system. Background technique [0002] Intrusion detection technology is a new security defense measure. As a supplementary strategy of the firewall, it can be used to identify illegal attacks on computer systems and network systems or information systems in a wider sense, including detection of external illegal intruders. Malicious attack or temptation. Deep Packet Inspection (DPIDeepPacketInspection) is an important method based on the rule-matching network intrusion detection system. It is a new technology compared with ordinary packet analysis. Ordinary packet inspection only analyzes the contents below the fourth layer of IP packets. Including source address, destination address, source port, destination port and protocol type, deep p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/55G06F17/30H04L29/06
CPCG06F16/90344G06F21/552H04L63/1416Y02D30/50
Inventor 唐红曾诚徐川雷特
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com