1 / 14

Regular Expression Matching for Reconfigurable Constraint Repetition Inspection

Regular Expression Matching for Reconfigurable Constraint Repetition Inspection. Authors : Miad Faezipour and Mehrdad Nourani Publisher : IEEE GLOBECOM 2008 Present : Chen- Rong Chang Date : May , 06, 2009. Department of Computer Science and Information Engineering

kerry
Download Presentation

Regular Expression Matching for Reconfigurable Constraint Repetition Inspection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Regular Expression Matching for Reconfigurable Constraint Repetition Inspection Authors : Miad Faezipour and Mehrdad Nourani Publisher : IEEE GLOBECOM 2008 Present :Chen- Rong Chang Date :May, 06, 2009 Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C.

  2. Outline • Introduction • Counting Meta-Character Design • Sub-RegExp Unit • Counter Reset Unit • Counter • Sub-Circuit for At least Block • Optimizations For Area Reduction • Alternate Meta-character • Experimental Results

  3. Introduction • The conventional approach to deal with constraint repetitions is to unroll the pattern into the number of repetitions required. • However, constraint repetitions of nearly one thousand repetitionsor more have been seen across SNORT IDS rules. • This can easily consume a huge portion of hardware resources, and is clearly inefficient.

  4. Counting Meta-Character Design(1/8)

  5. Counting Meta-Character Design(2/8) Regex : (abc){2}

  6. Counting Meta-Character Design(3/8)

  7. Sub-RegExp Unit(4/8) • A sub-regular expression having fixed or variable length characters, or even strings containing meta-characters. • Whenever the sub-RegExp is detected, the incsignal becomes high, whichin turn, increments the counter.

  8. Counter Reset Unit(5/8) • If the input stream contains any character other than the ones in the sub-RegExp, or includes the sub-RegExp characters, but messes the consecutive property that the sub-RegExp count demands, the counter should reset.

  9. Counter(6/9) • q : count value. • rst : used for power on initialization. • rst_cnt : resets the counter whenever the reset sub- circuit becomes active. • n, m : as inputs to determine the range of the count when needed. • g : is an input that indicates whether the constraint repetition is of the At least type or not. • o : is the final output of the design, which indicates when the sub-RegExp containing the counting meta-character has been detected.

  10. Sub-Circuit for At least Block(7/8) “(sub-RegExp){n,}” => “(sub-RegExp){n}(sub-RegExp)*”

  11. Counting Meta-Character Design(8/8) • In summary, the parameters in our counting mechanism can be classified as follows: • Exactly n: (sub-RegExp){n}, where m = n and g = 0. • At Most n: (sub-RegExp){,n}, where n = 1, m > n and g = 0. • At Least n: (sub-RegExp){n,}, where m = n and g = 1. • Between n and m: (sub-RegExp){n,m}, where m > n and g = 0.

  12. Optimizations For Area Reduction-Alternate Meta-character • Alternate Meta-character

  13. Experimental Results(1/2)

  14. Experimental Results(2/2) STATISTICS ON SNORT IDS RULES

More Related