CN103733590B - 用于正则表达式的编译器 - Google Patents
用于正则表达式的编译器 Download PDFInfo
- Publication number
- CN103733590B CN103733590B CN201280038799.2A CN201280038799A CN103733590B CN 103733590 B CN103733590 B CN 103733590B CN 201280038799 A CN201280038799 A CN 201280038799A CN 103733590 B CN103733590 B CN 103733590B
- Authority
- CN
- China
- Prior art keywords
- states
- dfa
- nfa
- state
- angstrom
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4498—Finite state machines
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Mathematical Physics (AREA)
- Data Mining & Analysis (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Pure & Applied Mathematics (AREA)
- Databases & Information Systems (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- Computational Mathematics (AREA)
- Algebra (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Devices For Executing Special Programs (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
DFA状态数 | NFA状态集合 |
0 | {0,1,2,3,4} |
1 | {0,5,6,7} |
2 | {8,9,2,3} |
… | … |
… | … |
DFA状态数 | DFA状态哈希 | NFA状态数集合 | 标记(M)/未标记(U) |
0 | 81237912891273 | 删除 | M |
1 | 09237504823405 | 删除 | M |
2 | 23894729379237 | {4,5,6,2,0,1} | U |
3 | 89345798731278 | {4,2,3,7,1,8} | U |
… | … | … |
EC输入集合哈希 | EC输出集合 |
78346782346782 | {3,4,1,2,7} |
89237489237492 | {8,3,2,5,19} |
… | … |
Claims (40)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710258370.9A CN107122221B (zh) | 2011-06-24 | 2012-06-20 | 用于正则表达式的编译器 |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/168,450 | 2011-06-24 | ||
US13/168,450 US9858051B2 (en) | 2011-06-24 | 2011-06-24 | Regex compiler |
PCT/US2012/043307 WO2012177736A1 (en) | 2011-06-24 | 2012-06-20 | Compiler for regular expressions |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710258370.9A Division CN107122221B (zh) | 2011-06-24 | 2012-06-20 | 用于正则表达式的编译器 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103733590A CN103733590A (zh) | 2014-04-16 |
CN103733590B true CN103733590B (zh) | 2017-05-03 |
Family
ID=46514761
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710258370.9A Active CN107122221B (zh) | 2011-06-24 | 2012-06-20 | 用于正则表达式的编译器 |
CN201280038799.2A Active CN103733590B (zh) | 2011-06-24 | 2012-06-20 | 用于正则表达式的编译器 |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710258370.9A Active CN107122221B (zh) | 2011-06-24 | 2012-06-20 | 用于正则表达式的编译器 |
Country Status (5)
Country | Link |
---|---|
US (1) | US9858051B2 (zh) |
KR (2) | KR101868720B1 (zh) |
CN (2) | CN107122221B (zh) |
DE (1) | DE112012002624B4 (zh) |
WO (1) | WO2012177736A1 (zh) |
Families Citing this family (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8990259B2 (en) * | 2011-06-24 | 2015-03-24 | Cavium, Inc. | Anchored patterns |
US9858051B2 (en) | 2011-06-24 | 2018-01-02 | Cavium, Inc. | Regex compiler |
US9065860B2 (en) | 2011-08-02 | 2015-06-23 | Cavium, Inc. | Method and apparatus for multiple access of plural memory banks |
US8862585B2 (en) * | 2012-10-10 | 2014-10-14 | Polytechnic Institute Of New York University | Encoding non-derministic finite automation states efficiently in a manner that permits simple and fast union operations |
US9268881B2 (en) | 2012-10-19 | 2016-02-23 | Intel Corporation | Child state pre-fetch in NFAs |
US9117170B2 (en) | 2012-11-19 | 2015-08-25 | Intel Corporation | Complex NFA state matching method that matches input symbols against character classes (CCLs), and compares sequence CCLs in parallel |
US9665664B2 (en) | 2012-11-26 | 2017-05-30 | Intel Corporation | DFA-NFA hybrid |
US9304768B2 (en) | 2012-12-18 | 2016-04-05 | Intel Corporation | Cache prefetch for deterministic finite automaton instructions |
US9268570B2 (en) | 2013-01-23 | 2016-02-23 | Intel Corporation | DFA compression and execution |
US9177253B2 (en) * | 2013-01-31 | 2015-11-03 | Intel Corporation | System and method for DFA-NFA splitting |
US10242125B2 (en) | 2013-12-05 | 2019-03-26 | Entit Software Llc | Regular expression matching |
US9275336B2 (en) | 2013-12-31 | 2016-03-01 | Cavium, Inc. | Method and system for skipping over group(s) of rules based on skip group rule |
US9544402B2 (en) | 2013-12-31 | 2017-01-10 | Cavium, Inc. | Multi-rule approach to encoding a group of rules |
US9667446B2 (en) | 2014-01-08 | 2017-05-30 | Cavium, Inc. | Condition code approach for comparing rule and packet data that are provided in portions |
US9680797B2 (en) * | 2014-05-28 | 2017-06-13 | Oracle International Corporation | Deep packet inspection (DPI) of network packets for keywords of a vocabulary |
CN108885632B (zh) | 2016-03-23 | 2022-10-28 | 江森自控泰科知识产权控股有限责任公司 | 用于实时数据流编程的高效状态机 |
US10656949B2 (en) | 2018-07-13 | 2020-05-19 | Fungible, Inc. | Instruction-based non-deterministic finite state automata accelerator |
US10645187B2 (en) | 2018-07-13 | 2020-05-05 | Fungible, Inc. | ARC caching for determininstic finite automata of regular expression accelerator |
US10983721B2 (en) | 2018-07-13 | 2021-04-20 | Fungible, Inc. | Deterministic finite automata node construction and memory mapping for regular expression accelerator |
US10635419B2 (en) | 2018-07-13 | 2020-04-28 | Fungible, Inc. | Incremental compilation of finite automata for a regular expression accelerator |
KR102250147B1 (ko) * | 2018-10-22 | 2021-05-10 | 성균관대학교산학협력단 | 네트워크 보안 기능 인터페이스를 위한 보안 정책 번역 |
KR102146625B1 (ko) * | 2019-01-31 | 2020-08-20 | 연세대학교 산학협력단 | 오토마타 기반 증분적 중위 확률 계산 장치 및 방법 |
US11263190B2 (en) | 2019-09-26 | 2022-03-01 | Fungible, Inc. | Data ingestion and storage by data processing unit having stream-processing hardware accelerators |
US11636154B2 (en) | 2019-09-26 | 2023-04-25 | Fungible, Inc. | Data flow graph-driven analytics platform using data processing units having hardware accelerators |
US11636115B2 (en) | 2019-09-26 | 2023-04-25 | Fungible, Inc. | Query processing using data processing units having DFA/NFA hardware accelerators |
US11934964B2 (en) | 2020-03-20 | 2024-03-19 | Microsoft Technology Licensing, Llc | Finite automata global counter in a data flow graph-driven analytics platform having analytics hardware accelerators |
US11630729B2 (en) | 2020-04-27 | 2023-04-18 | Fungible, Inc. | Reliability coding with reduced network traffic |
CN111753150B (zh) * | 2020-05-15 | 2023-10-13 | 中国科学院信息工程研究所 | 一种基于图搜索方法加速epsilon闭包计算的方法及系统 |
KR102275635B1 (ko) * | 2020-06-24 | 2021-07-08 | 한양대학교 에리카산학협력단 | 함수 호출 패턴 분석을 통한 이상 검출 장치 및 방법 |
US11750636B1 (en) * | 2020-11-09 | 2023-09-05 | Two Six Labs, LLC | Expression analysis for preventing cyberattacks |
KR102271489B1 (ko) * | 2020-12-04 | 2021-07-02 | (주)소만사 | 정규표현식 패턴의 탐지를 위한 아호코라식 오토마타 구축 장치 및 방법 |
US20220217120A1 (en) * | 2021-01-04 | 2022-07-07 | Fastly Inc. | Minimization optimizations for web application firewalls |
US11563625B1 (en) * | 2021-09-28 | 2023-01-24 | Rakuten Mobile, Inc. | Static and dynamic non-deterministic finite automata tree structure application apparatus and method |
Family Cites Families (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7613926B2 (en) * | 1997-11-06 | 2009-11-03 | Finjan Software, Ltd | Method and system for protecting a computer and a network from hostile downloadables |
CA2243724C (en) * | 1997-07-28 | 2002-01-22 | At&T Corp. | A geographical information search system |
US7975305B2 (en) * | 1997-11-06 | 2011-07-05 | Finjan, Inc. | Method and system for adaptive rule-based content scanners for desktop computers |
US8010469B2 (en) | 2000-09-25 | 2011-08-30 | Crossbeam Systems, Inc. | Systems and methods for processing data flows |
US7027988B1 (en) | 2001-07-20 | 2006-04-11 | At&T Corp. | System and method of ε removal of weighted automata and transducers |
US7046848B1 (en) * | 2001-08-22 | 2006-05-16 | Olcott Peter L | Method and system for recognizing machine generated character glyphs and icons in graphic images |
US7305391B2 (en) * | 2003-02-07 | 2007-12-04 | Safenet, Inc. | System and method for determining the start of a match of a regular expression |
CA2521576A1 (en) * | 2003-02-28 | 2004-09-16 | Lockheed Martin Corporation | Hardware accelerator state table compiler |
US7093231B2 (en) * | 2003-05-06 | 2006-08-15 | David H. Alderson | Grammer for regular expressions |
WO2004107404A2 (en) * | 2003-05-23 | 2004-12-09 | Sensory Networks, Inc. | Apparatus and method for large hardware finite state machine with embedded equivalence classes |
US7685254B2 (en) * | 2003-06-10 | 2010-03-23 | Pandya Ashish A | Runtime adaptable search processor |
US7370361B2 (en) * | 2004-02-06 | 2008-05-06 | Trend Micro Incorporated | System and method for securing computers against computer virus |
US7586851B2 (en) * | 2004-04-26 | 2009-09-08 | Cisco Technology, Inc. | Programmable packet parsing processor |
US8392590B2 (en) * | 2004-09-10 | 2013-03-05 | Cavium, Inc. | Deterministic finite automata (DFA) processing |
US8301788B2 (en) * | 2004-09-10 | 2012-10-30 | Cavium, Inc. | Deterministic finite automata (DFA) instruction |
US7594081B2 (en) * | 2004-09-10 | 2009-09-22 | Cavium Networks, Inc. | Direct access to low-latency memory |
WO2006029508A1 (en) * | 2004-09-13 | 2006-03-23 | Solace Systems Inc. | Highly scalable subscription matching for a content routing network |
WO2006061899A1 (ja) * | 2004-12-09 | 2006-06-15 | Mitsubishi Denki Kabushiki Kaisha | 文字列照合装置および文字列照合プログラム |
US7710988B1 (en) * | 2005-03-11 | 2010-05-04 | Xambala Corporation | Method and system for non-deterministic finite automaton filtering |
US7512634B2 (en) * | 2006-06-05 | 2009-03-31 | Tarari, Inc. | Systems and methods for processing regular expressions |
GB2441351B (en) * | 2006-09-01 | 2010-12-08 | 3Com Corp | Positionally dependent pattern checking in character strings using deterministic finite automata |
US8024691B2 (en) * | 2006-09-28 | 2011-09-20 | Mcgill University | Automata unit, a tool for designing checker circuitry and a method of manufacturing hardware circuitry incorporating checker circuitry |
US7912808B2 (en) * | 2006-12-08 | 2011-03-22 | Pandya Ashish A | 100Gbps security and search architecture using programmable intelligent search memory that uses a power down mode |
US7636717B1 (en) | 2007-01-18 | 2009-12-22 | Netlogic Microsystems, Inc. | Method and apparatus for optimizing string search operations |
FR2914081A1 (fr) * | 2007-03-23 | 2008-09-26 | Advestigo Sa | Procede de protection de documents numeriques contre des utilisations non autorisees. |
US7854002B2 (en) * | 2007-04-30 | 2010-12-14 | Microsoft Corporation | Pattern matching for spyware detection |
US8219508B2 (en) * | 2007-07-06 | 2012-07-10 | Lsi Corporation | Systems and methods for compressing state machine instructions using a two access indexing scheme |
WO2009017131A1 (ja) * | 2007-08-02 | 2009-02-05 | Nec Corporation | ε遷移を含まない非決定性有限オートマトン生成システムと方法およびプログラム |
US7949683B2 (en) * | 2007-11-27 | 2011-05-24 | Cavium Networks, Inc. | Method and apparatus for traversing a compressed deterministic finite automata (DFA) graph |
US8180803B2 (en) * | 2007-11-27 | 2012-05-15 | Cavium, Inc. | Deterministic finite automata (DFA) graph compression |
US20100037056A1 (en) * | 2008-08-07 | 2010-02-11 | Follis Benjamin D | Method to support privacy preserving secure data management in archival systems |
US8176085B2 (en) * | 2008-09-30 | 2012-05-08 | Microsoft Corporation | Modular forest automata |
US8473523B2 (en) * | 2008-10-31 | 2013-06-25 | Cavium, Inc. | Deterministic finite automata graph traversal with nodal bit mapping |
US20100192225A1 (en) * | 2009-01-28 | 2010-07-29 | Juniper Networks, Inc. | Efficient application identification with network devices |
US9179305B2 (en) * | 2009-06-11 | 2015-11-03 | Qualcomm Incorporated | Bloom filter based device discovery |
CN102301342B (zh) * | 2009-07-29 | 2014-07-30 | 华为技术有限公司 | 正则表达式匹配方法和系统及查找装置 |
CN101655861B (zh) * | 2009-09-08 | 2011-06-01 | 中国科学院计算技术研究所 | 基于双计数布鲁姆过滤器的哈希方法和哈希装置 |
US8937942B1 (en) * | 2010-04-29 | 2015-01-20 | Juniper Networks, Inc. | Storing session information in network devices |
CN101853301A (zh) * | 2010-05-25 | 2010-10-06 | 华为技术有限公司 | 正则表达式匹配的方法和系统 |
US8543528B2 (en) * | 2010-09-23 | 2013-09-24 | International Business Machines Corporation | Exploitation of transition rule sharing based on short state tags to improve the storage efficiency |
US8799188B2 (en) * | 2011-02-08 | 2014-08-05 | International Business Machines Corporation | Algorithm engine for use in a pattern matching accelerator |
US9858051B2 (en) | 2011-06-24 | 2018-01-02 | Cavium, Inc. | Regex compiler |
US8990259B2 (en) | 2011-06-24 | 2015-03-24 | Cavium, Inc. | Anchored patterns |
-
2011
- 2011-06-24 US US13/168,450 patent/US9858051B2/en active Active
-
2012
- 2012-06-20 DE DE112012002624.1T patent/DE112012002624B4/de active Active
- 2012-06-20 KR KR1020167020582A patent/KR101868720B1/ko active IP Right Grant
- 2012-06-20 CN CN201710258370.9A patent/CN107122221B/zh active Active
- 2012-06-20 CN CN201280038799.2A patent/CN103733590B/zh active Active
- 2012-06-20 KR KR1020147002075A patent/KR20140051914A/ko active Application Filing
- 2012-06-20 WO PCT/US2012/043307 patent/WO2012177736A1/en active Application Filing
Non-Patent Citations (1)
Title |
---|
一种面向网络安全检测的高性能正则表达式匹配算法;张树壮,等;《计算机学报》;20101031;第33卷(第10期);第1976-1986页 * |
Also Published As
Publication number | Publication date |
---|---|
WO2012177736A1 (en) | 2012-12-27 |
KR20160093101A (ko) | 2016-08-05 |
CN103733590A (zh) | 2014-04-16 |
DE112012002624B4 (de) | 2021-01-28 |
DE112012002624T5 (de) | 2014-04-17 |
US9858051B2 (en) | 2018-01-02 |
KR20140051914A (ko) | 2014-05-02 |
US20120331554A1 (en) | 2012-12-27 |
CN107122221A (zh) | 2017-09-01 |
KR101868720B1 (ko) | 2018-07-17 |
CN107122221B (zh) | 2021-03-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103733590B (zh) | 用于正则表达式的编译器 | |
US9514246B2 (en) | Anchored patterns | |
EP3716110B1 (en) | Computer-security event clustering and violation detection | |
US11899786B2 (en) | Detecting security-violation-associated event data | |
US11392689B2 (en) | Computer-security violation detection using coordinate vectors | |
US7685637B2 (en) | System security approaches using sub-expression automata | |
CN108701187A (zh) | 混合硬件软件分布式威胁分析 | |
Taylor et al. | Detecting malicious exploit kits using tree-based similarity searches | |
US10528731B1 (en) | Detecting malicious program code using similarity of hashed parsed trees | |
US7216364B2 (en) | System security approaches using state tables | |
EP1607823A2 (en) | Method and system for virus detection based on finite automata | |
Soleymani et al. | A novel approach for detecting DGA-based botnets in DNS queries using machine learning techniques | |
Shaheed et al. | Web application firewall using machine learning and features engineering | |
Hwang et al. | Semi-supervised based unknown attack detection in EDR environment | |
Hu et al. | Detecting cryptojacking traffic based on network behavior features | |
Meng et al. | Design of cloud-based parallel exclusive signature matching model in intrusion detection | |
Patil et al. | Learning to Detect Phishing Web Pages Using Lexical and String Complexity Analysis | |
Ethilu et al. | Improving Performance and Efficiency of Software Defined Networking by Identifying Malicious Switches through Deep Learning Model | |
Tan et al. | Web Application Anomaly Detection Based On Converting HTTP Request Parameters To Numeric | |
Molcer et al. | Machine learning based network intrusion detection system for internet of things cybersecurity | |
CN114697049B (zh) | WebShell检测方法及装置 | |
Naqash et al. | Detection of Malicious Flows in the Software-Defined Networks by Using Statistical Flow Analysis-Based Intrusion Detection System | |
Shaikh et al. | Dynamic Updating of Signatures for Improving the Performance of IDS | |
Alrehaili et al. | An Attack Scenario Reconstruction Approach Using Alerts Correlation and a Dynamic Attack Graph | |
Manimegalai et al. | Intrusion Detection Using Bloom and XOR Filters |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1193278 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: California, USA Patentee after: Cavium, Inc. Address before: California, USA Patentee before: Cavium, Inc. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20200424 Address after: Singapore City Patentee after: Marvell Asia Pte. Ltd. Address before: Ford street, Grand Cayman, Cayman Islands Patentee before: Kaiwei international Co. Effective date of registration: 20200424 Address after: Ford street, Grand Cayman, Cayman Islands Patentee after: Kaiwei international Co. Address before: California, USA Patentee before: Cavium, Inc. |