Nothing Special   »   [go: up one dir, main page]

CN102111402B - Method for grouping regular expression DFA - Google Patents

Method for grouping regular expression DFA Download PDF

Info

Publication number
CN102111402B
CN102111402B CN201010608744.3A CN201010608744A CN102111402B CN 102111402 B CN102111402 B CN 102111402B CN 201010608744 A CN201010608744 A CN 201010608744A CN 102111402 B CN102111402 B CN 102111402B
Authority
CN
China
Prior art keywords
group
dfa
regular expressions
canonical
grouping
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201010608744.3A
Other languages
Chinese (zh)
Other versions
CN102111402A (en
Inventor
李锋伟
刘朝辉
刘灿
刘兴奎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongke Shuguang Information Industry Hainan Co ltd
Original Assignee
Dawning Information Industry Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dawning Information Industry Beijing Co Ltd filed Critical Dawning Information Industry Beijing Co Ltd
Priority to CN201010608744.3A priority Critical patent/CN102111402B/en
Publication of CN102111402A publication Critical patent/CN102111402A/en
Application granted granted Critical
Publication of CN102111402B publication Critical patent/CN102111402B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Hardware Redundancy (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a method for grouping regular expression deterministic finite automations (DFA). The method comprises the following steps of: A. grouping every two regular expressions to generate a state sum of every two regular expressions; B. putting all the regular expressions in a first group, and setting a failure mark as 0; C. sequencing the state sums in the step A, and finding the two regular expressions a with maximum sum in the first group; D. putting the regular expressions a in a second group; E. generating a DFA for the regular expressions of the second group, judging the failure mark if the DFA is generated successfully under the DFA state number constraint condition, turning to the step C if the failure mark is 0, and turning to the step G the failure mark is 1; if failing, putting the a in a third group, setting the failure mark as 1, and turning to the step C; F. circularly operating the steps C, D and E till sequential trail of all the regular expressions is finished; G. and putting the regular expressions in the third group into the first group, trying to generate the DFA for the first group, if succeeding, finishing grouping, and if failing, regrouping the third group and turning to the step A. By the method, least grouping of the regular expressions is realized by using a detection elimination strategy, the maximization of generating the DFA state under the DFA state number constraint is realized, and efficient matching of the regular expressions can be realized.

Description

A kind of method that canonical formula DFA is divided into groups
Technical field
The present invention relates to network safety filed, be specifically related to a kind of method that canonical formula DFA is divided into groups.
Background technology
Regular expression is widely used in network information processing field, such as protocol identification, intrusion detection etc.Under DFA state number constraints, the grouping of canonical formula is generally all taked to attempt in order, to the grouping of canonical formula, generating DFA.Such grouping strategy can not obtain the minimum grouping to canonical formula, and the DFA of generation is not larger grouping, does not realize the efficient matchings of canonical formula.Especially, under the conditional condition of computer resource, this grouping strategy is utilized sometimes cannot to realize dividing into groups to all canonical formulas.The method can realize, to the maximization of DFA grouping, realizing the efficient matchings of canonical formula.
Summary of the invention
The object of the invention is to provide a kind of method of dividing into groups to canonical formula DFA.
To the method that canonical formula DFA divides into groups: comprise the following steps:
A, all canonical formulas to be divided into groups between two, generate state between any two and;
B, all canonical formulas are placed in first group, putting failure flags is 0;
C, to the state of steps A with sort, find out the canonical formula a that sum is between two maximum in the first set;
D, canonical formula a is placed in second group;
E, DFA is generated to the canonical formula of second group, if generate successfully under DFA state number constraints, judge failure flags, if be 0, forward step C to, if be 1, jump to step G; If failure, a is set to the 3rd group, putting failure flags is 1, forwards step C to;
F, cycling step C, D, E, until all canonical formulas all attempt terminating successively;
G, the canonical formula in the 3rd group to be put in first group, to attempt generating DFA to first group, if success, then divide into groups to terminate, if failure, again can divide into groups to the 3rd group, forward steps A to.
The present invention utilizes detection replacement policy, achieves the minimum grouping to canonical formula, achieves under the constraint of DFA state number, generates the maximization of DFA state, can realize the efficient matchings to canonical formula.
Accompanying drawing explanation
Fig. 1 is flow chart of the present invention
Embodiment
(1) all canonical formulas are divided into groups between two, generate state between any two and;
(2) all canonical formulas are placed in first group, putting failure flags is 0;
(3) to the state in the first step and sorting, the canonical formula a that sum is between two maximum is found out in the first set;
(4) canonical formula a is placed in second group;
(5) DFA is generated to the canonical formula of second group, if generate successfully under DFA state number constraints, judge failure flags, if be 0, forward the 3rd step to, if be 1, jump to step (7); If failure, a is set to the 3rd group, putting failure flags is 1, forwards the 3rd step to;
(6) cycling the 3rd, the 4th, the 5th step, until all canonical formulas all attempt terminating successively.
(7) the canonical formula in the 3rd group is put in first group, attempts generating DFA to first group.If generate successfully, then divide into groups to terminate, if failure can be divided into groups again to the 3rd group, forward the first step to.

Claims (1)

1. the method that the canonical formula DFA being adapted to network information processing divides into groups, is characterized in that: comprise the following steps:
A, all canonical formulas to be divided into groups between two, generate state between any two and;
B, all canonical formulas are placed in first group, putting failure flags is 0;
C, to the state of steps A with sort, find out the canonical formula a that sum is between two maximum in the first set;
D, canonical formula a is placed in second group;
E, DFA is generated to the canonical formula of second group, if generate successfully under DFA state number constraints, judge failure flags, if be 0, forward step C to, if be 1, jump to step G; If failure, a is set to the 3rd group, putting failure flags is 1, forwards step C to;
F, cycling step C, D, E, until all canonical formulas all attempt terminating successively;
G, the canonical formula in the 3rd group to be put in first group, to attempt generating DFA to first group, if success, then divide into groups to terminate, if failure, again can divide into groups to the 3rd group, forward steps A to.
CN201010608744.3A 2010-12-17 2010-12-17 Method for grouping regular expression DFA Active CN102111402B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010608744.3A CN102111402B (en) 2010-12-17 2010-12-17 Method for grouping regular expression DFA

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010608744.3A CN102111402B (en) 2010-12-17 2010-12-17 Method for grouping regular expression DFA

Publications (2)

Publication Number Publication Date
CN102111402A CN102111402A (en) 2011-06-29
CN102111402B true CN102111402B (en) 2015-06-10

Family

ID=44175432

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010608744.3A Active CN102111402B (en) 2010-12-17 2010-12-17 Method for grouping regular expression DFA

Country Status (1)

Country Link
CN (1) CN102111402B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102387050A (en) * 2011-12-13 2012-03-21 曙光信息产业(北京)有限公司 System and method utilizing automata to achieve message depth detection
CN105320890B (en) * 2015-09-29 2019-02-22 国网智能电网研究院 A kind of source code leak detection method based on grouping DFA
CN105357177A (en) * 2015-09-29 2016-02-24 西安电子科技大学 Method for processing data packet filtering rule set and data packet matching method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1656731A (en) * 2002-02-08 2005-08-17 杜松网络公司 Multi-method gateway-based network security systems and methods
WO2007064685A2 (en) * 2005-12-02 2007-06-07 Exegy Incorporated Method and device for high performance regular expression pattern matching
CN101079890A (en) * 2007-07-04 2007-11-28 杭州华三通信技术有限公司 A method and device for generating characteristic code and identifying status machine
CN101827084A (en) * 2009-01-28 2010-09-08 丛林网络公司 The application identification efficiently of the network equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1656731A (en) * 2002-02-08 2005-08-17 杜松网络公司 Multi-method gateway-based network security systems and methods
WO2007064685A2 (en) * 2005-12-02 2007-06-07 Exegy Incorporated Method and device for high performance regular expression pattern matching
CN101079890A (en) * 2007-07-04 2007-11-28 杭州华三通信技术有限公司 A method and device for generating characteristic code and identifying status machine
CN101827084A (en) * 2009-01-28 2010-09-08 丛林网络公司 The application identification efficiently of the network equipment

Also Published As

Publication number Publication date
CN102111402A (en) 2011-06-29

Similar Documents

Publication Publication Date Title
Jia et al. An efficient anti-collision protocol for RFID tag identification
ATE511149T1 (en) EFFICIENT APPLICATION IDENTIFICATION WITH NETWORK DEVICES
WO2011080030A3 (en) Data value occurrence information for data compression
WO2012005765A1 (en) Data analysis using multiple systems
CN104468273A (en) Method and system for recognizing application type of flow data
CN102857339B (en) Secret distribution sharing and recovery recombining method based on sequences
CN102111402B (en) Method for grouping regular expression DFA
WO2018094299A2 (en) System architecture and method of processing data therein
CN105450853A (en) Method and apparatus for preventing wrong sending of chatting information, and mobile terminal
Thinh et al. A FPGA-based deep packet inspection engine for network intrusion detection system
CN104468098A (en) Method and device for generating serial number
CN104854602A (en) Generating messages from the firing of pre-synaptic neurons
CN115695041B (en) DDOS attack detection and protection method and application based on SDN
CN113037553B (en) IEC102 protocol communication behavior abnormity detection method and system based on IA-SVM
CN104008136A (en) Method and device for text searching
CN102130956B (en) Method and system for identifying application layer protocols
Lin et al. Phish2vec: A Temporal and Heterogeneous Network Embedding Approach for Detecting Phishing Scams on Ethereum
CN102073530B (en) Increment grouping method of multiple regular expressions
Kořenek et al. Nfa split architecture for fast regular expression matching
Davtyan et al. Brief announcement: Decentralized network supercomputing in the presence of malicious and crash-prone workers
CN110620785A (en) Parallel detection method, system and storage medium based on message marking data stream
Vespa et al. P3fsm: Portable predictive pattern matching finite state machine
Wang et al. Application of Community Detection Algorithm with Link Clustering in Inhibition of Social Network Worms.
CN103297293A (en) Method and device for inspecting packets
Kim et al. Reduced Power Consumption via Fewer Memory Accesses for Deep Packet Inspection.

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220729

Address after: 100193 No. 36 Building, No. 8 Hospital, Wangxi Road, Haidian District, Beijing

Patentee after: Dawning Information Industry (Beijing) Co.,Ltd.

Patentee after: DAWNING INFORMATION INDUSTRY Co.,Ltd.

Address before: 100084 Beijing Haidian District City Mill Street No. 64

Patentee before: Dawning Information Industry (Beijing) Co.,Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230822

Address after: Building 315, Building 5, Yabulun Industrial Park, Yazhou Bay Science and Technology City, Yazhou District, Sanya City, Hainan Province, 572000

Patentee after: Zhongke Shuguang Information Industry (Hainan) Co.,Ltd.

Address before: 100193 No. 36 Building, No. 8 Hospital, Wangxi Road, Haidian District, Beijing

Patentee before: Dawning Information Industry (Beijing) Co.,Ltd.

Patentee before: DAWNING INFORMATION INDUSTRY Co.,Ltd.

TR01 Transfer of patent right