High performance multi-string pattern matching for network applications네트워크 어플리케이션을 위한 고성능 다중 패턴 매칭 알고리즘에 관한 연구
Middlebox services that inspect packet payload have become commonplace. Today, anyone can sign up for cloud-based Web application fifirewall with a single click. These services typically look for known patterns that might appear anywhere in the payload. The key challenge is that existing solutions for pattern matching have become a bottleneck as software packet processing technologies advanced. The popularization of cloud-based services has made the problem even more critical.
This paper presents an efficient multi-pattern string matching algorithm, called DFC. DFC significantly reduces the number of memory accesses and cache misses by using small and cache-friendly data structures and avoids instruction pipeline stalls by minimizing sequential data dependency. Our evaluation shows that DFC improves the performance by 2.0 to 3.6 times compared to the state-of-the-art on real tracffic workload obtained from a commercial network. It also outperforms other algorithms even in the worst case. In addition, the data structure construction time of DFC is much smaller than that of other algorithm. When applied to middlebox applications, such as network intrusion detection, anti-virus, and Web application fifirewall, DFC delivers 57%-160% performance improvement.
- Advisors
- Han, Dongsuresearcher; 한동수researcher
- Description
- 한국과학기술원 :전기및전자공학부,
- Publisher
- 한국과학기술원
- Issue Date
- 2016
- Identifier
- 325007
- Language
- eng
- Description
학위논문(석사) - 한국과학기술원 : 전기및전자공학부, 2016.2 ,[v, 33 p. :]
- Keywords
multi-pattern matching; multi-string pattern matching; network application; middlebox applications; Aho-Corasick algorithm; 다중 패턴 매칭; 다중 문자열 패턴 매칭; 네트워크 어플리케이션; 미들박스 어플리케이션; 아호 코라식 알고리즘
- Appears in Collection
- EE-Theses_Master(석사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.