摘要
随着网络攻击的增多,各类安全系统被广泛应用,其关键和核心是规则匹配。加速规则匹配可以提高系统性能,使其适应更高速网络和更严格环境。介绍和分析了现有的两种主要规则匹配算法:布尔表达式树和有向无环控制流图,提出了一种快速规则匹配算法。该算法先对有向无环控制流图进行等价变换,再在此基础上进行概率优化和改进,通过调整规则内部的逻辑表示结构,使得规则的结构转换速度和计算速度都得到明显的提高。经过测试比较,该算法能有效缩短匹配时间,改善系统性能。
With network attacks increasing, security systems are wiaely applied, and, matching speed improve efficiency, and make security systems suit for higher-speed networks and much stricter environments. Two kind of common matching algorithms are introduced and analysed at first: Boolean expression tree and directed acyclic control flow graph (CFG), and then a better one is put forward. This algorithm does equivalent transformation over CFG at first, does some optimization and improvement with probability, and then adjusts rule's internal logical expression structure, So it gets faster to transform structure and compute, Through testing, this algorithm is shown to take less time and improve performance greatly.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第6期1269-1272,共4页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2003AA144050)
关键词
规则匹配
布尔表达式树
有向无环控制流图
线形结构
析取范式
rule match
boolean expression tree
directed acyclic control flow graph
linear structure
disjunctive normal form