| In recent years, with the rapid development of network, network is more and more famous. Especially in the past two years, the speed of the network is more and more fast, many web applications are developed continuously. With the emergence of a variety of network application, more attacks on network application layer appeared. In 2013, Alipay and Tenpay all suffered hacker attacks, they are very famous and have many users, it caused people’s attention to network security.In the past, use a firewall to resist invasion is the most common means of intrusion prevention. This way the application between the network and network outside, on defense, to test the network data. But, in the face of diverse and various new network attack, firewall technology can not effectively defense and resistance, easy to cause congestion or overflow, and if the network intrusion was conducted through legal port and is difficult to effectively defense, treat internal invasion of initiate connections generally difficult to defense and other shortcomings. Therefore, in recent years, mainly used in the application layer of network intrusion detection method. In recent years, more and more researchers in the field of network security research direction will focus on how to improve the efficiency of the deep packet inspection.Regular expressions due to their sensitivity and adaptability gradually replaced the original matching method which is widely used in various kinds of intrusion detection system. Regular expression match is divided into regular expression matching based on certainty and regular expression matching based on uncertain. Compared the two, the DFA matches faster, but need to take up more space, the NFA can save space, but the matching speed is slow.However, due to the matching of the NFA is uncertain, so the results may also be a variety of situations exist at the same time, the matching efficiency will be greatly reduced, the match between the DFA is certain, the result is also the only, in the real world of the network, the matching efficiency is key, therefore, the DFA due to its high efficiency matching process and has been widely used, but because of the DFA contains all of the state and the state transition process, so its consumption of space is very huge.This paper analyzes the principles of DFA algorithm deeply, it is concluded that the advantages and disadvantages of the algorithm, according to the disadvantages of the algorithm analyzes the optimization direction, design of high-performance regular expression compression algorithm, on the basis of the previous work, this paper studies the DDFA algorithm, and the program can realized the DDFA algorithm, and through the experiment compared the DDFA algorithm for rule set with the similarities and differences between the DFA algorithm, and through the experiment discovered this algorithm there are matching the disadvantage of low efficiency, then, this article will DFA algorithm has the advantages of and DDFA algorithm has the advantages of fuses in together, was designed and implemented a regular expression optimization algorithm based on DFA, effective compression of DFA, and at the same time as much as possible to ensure the matching efficiency of the algorithm will not drop too much. Finally, we match the efficiency of the algorithm is verified by experiment, the algorithm of space occupancy, the runtime of the algorithm... |
PDF Full Text Request