ネットワーク侵入検知システム, 正規表現マッチング, 先読み
IDS is used to detect virus patterns by packets in the network. The virus patterns are generally expressed as regular expression. The matching hardware for regular expressions has been extensively studied. However, the look-ahead and back referece approaches have not been studied very much. By using the matching method for the look-ahead pattern that has been already suggested, the matching result is added to memory. Therefore, the memory increases as look-ahead patterns increases. Moreover, the operating frequency becomes lower than that of conventional matching hardware. In this article, we propose an improved method of regular expression matching hardware for the look-ahead pattern. Using the proposed method, we show a decrese in memory and an improvement in the operating frequency.
編集・発行 : 一般社団法人 電気学会 制作・登載者 : 三美印刷株式会社