Skip to main content
SpringerLink
Log in

Improved deep packet inspection in data stream detection

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Finite state automata are widely used in firewalls, data detection and content audit systems to match complex sets of regular expressions in network packets. However, with the continuous increase in the types of network contents and network traffics in recent years, the deep packet inspection systems based on finite state automata also require regular engines for less memory consumption and higher operating speed. This paper analyzes the feature and problem of finite state automata and improves non-deterministic finite automata by reducing the conversion edge to reduce the memory usage. The experiment results which are made by real-world dataset show that the memory usage is reduced more than half.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Yin C, Zhang S (2017) Parallel implementing improved k-means applied for image retrieval and anomaly detection. Multimed Tools Appl 76(16):16911–16927

    Article  Google Scholar 

  2. Wang J, Zhang Z, Li B, Lee S, Sherratt RS (2014) An enhanced fall detection system for elderly person monitoring using consumer home networks. IEEE Trans Consum Electron 60(1):23–29

    Article  Google Scholar 

  3. Yin C, Xi J, Sun R (2017) Location privacy protection based on differential privacy strategy for big data in industrial internet-of-things. IEEE Trans Ind Inf. https://doi.org/10.1109/tii.2017.2773646

    Google Scholar 

  4. Fu Z, Ren K, Shu J, Sun X, Huang F (2016) Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans Parallel Distrib Syst 27(9):2546–2559

    Article  Google Scholar 

  5. Keegan N, Ji S-Y, Chaudhary A, Concolato C, Yu B, Jeong DH (2016) A survey of cloud-based network intrusion detection analysis. Human-Cent Comput Inf Sci 6(1):19

    Article  Google Scholar 

  6. Rathod SB, Reddy VK (2017) Ndynamic framework for secure vm migration over cloud computing. J Inf Process Syst 13(3):476–490

    Google Scholar 

  7. Iuga C, Nurse JRC, Erola A (2016) Baiting the hook: factors impacting susceptibility to phishing attacks. Human-Cent Comput Inf Sci 6(1):1–20

    Article  Google Scholar 

  8. Sherry J, Lan C, Popa RA, Ratnasamy S (2015) Blindbox: deep packet inspection over encrypted traffic. ACM SIGCOMM Comput Commun Rev 45(4):213–226

    Article  Google Scholar 

  9. Dharmapurikar S, Krishnamurthy P, Sproull TS, Lockwood JW (2004) Deep packet inspection using parallel bloom filters. IEEE Micro 24(1):52–61

    Article  Google Scholar 

  10. Yin C, Feng L, Ma L (2016) An improved Hoeffding-ID data-stream classification algorithm. J Supercomput 72(7):2670–2681

    Article  Google Scholar 

  11. Gu B, Sun X, Sheng VS (2017) Structural minimax probability machine. IEEE Trans Neural Netw Learn Syst 28(7):1646–1656

    Article  MathSciNet  Google Scholar 

  12. Yin C, Xia L, Zhang S, Sun R, Wang J (2017) Improved clustering algorithm based on high-speed network data stream. Soft Comput 22:4185–4195

    Article  Google Scholar 

  13. Ma T, Zhang Y, Cao J, Shen J, Tang M, Tian Y, Al-Rodhaan M (2015) KDVEM: a k-degree anonymity with vertex and edge modification algorithm. Computing 97(12):1165–1184

    Article  MathSciNet  MATH  Google Scholar 

  14. Gu B, Sheng VS, Tay KY, Romano W, Li S (2015) Incremental support vector learning for ordinal regression. IEEE Trans Neural Netw Learn Syst 26(7):1403–1416

    Article  MathSciNet  Google Scholar 

  15. Gu B, Sheng VS (2017) A robust regularization path algorithm for v-support vector classification. IEEE Trans Neural Netw Learn Syst 28(5):1241–1248

    Article  Google Scholar 

  16. Ma J, Zhou H, Zhao J, Gao Y, Jiang J, Tian J (2015) Robust feature matching for remote sensing image registration via locally linear transforming. IEEE Trans Geosci Remote Sens 53(12):6469–6481

    Article  Google Scholar 

  17. Zeng D, Dai Y, Li F, Sherratt RS, Wang J (2018) Adversarial learning for distant supervised relation extraction. Comput Mater Contin 55(1):121–136

    Google Scholar 

  18. Tu Y, Lin Y, Wang J, Kim JU (2018) Semi-supervised learning with generative adversarial networks on digital signal modulation classification. Comput Mater Contin 55(2):243–254

    Google Scholar 

  19. Bando M, Artan NS, Chao HJ (2012) Scalable lookahead regular expression detection system for deep packet inspection. IEEE/ACM Trans Netw 20(3):699–714

    Article  Google Scholar 

  20. Vuppala R, Farik M (2015) Intrusion detection amp prevention systems-sourcefire snort. Int J Sci Technol Res 4(8):220–223

    Google Scholar 

  21. Paxson V (1999) Bro: a system for detecting network intruders in real-time. Comput Netw 31(23):2435–2463

    Article  Google Scholar 

  22. Brüggemann-Klein A (1993) Regular expressions into finite automata. Theoret Comput Sci 120(2):197–213

    Article  MathSciNet  MATH  Google Scholar 

  23. Vespa L, Weng N (2011) Deterministic finite automata characterization and optimization for scalable pattern matching. ACM Trans Arch Code Optim 8(1):1–31

    Article  Google Scholar 

  24. Lo CTD, Tai YG (2009) Space optimization on counters for FPGA-based perl compatible regular expressions. ACM Trans Reconfig Technol Syst 2(4):1–18

    Article  Google Scholar 

  25. Yu F, Chen Z, Diao Y, Lakshman T, Katz RH (2006) Fast and memory-efficient regular expression matching for deep packet inspection. In: ACM/IEEE Symposium on Architecture for Networking and Communications Systems, 2006. ANCS 2006, pp 93–102

  26. Becchi M, Crowley P (2008) Extending finite automata to efficiently match Perl-compatible regular expressions. In: ACM conference on emerging network experiment and technology, pp 1–12

  27. Becchi M, Crowley P (2007) A hybrid finite automaton for practical deep packet inspection. In: Proceedings of the 2007 ACM CoNEXT Conference, pp 1–12

  28. Kumar A, Verma AK (2014) A novel algorithm for the conversion of parallel regular expressions to non-deterministic finite automata. Appl Math Inf Sci 8(1):95–105

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgements

This work was funded by National Natural Science Foundation of China (61772282, 61772454, 6171101570). It was also supported by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD), Postgraduate Research and Practice Innovation Program of Jiangsu Province (KYCX17_0901), Natural Science Foundation of Jiangsu Province (BK20150460) and Jiangsu Collaborative Innovation Center on Atmospheric Environment and Equipment Technology (CICAEET). It was also funded by the open research fund of Key Lab of Broadband Wireless Communication and Sensor Network Technology (Nanjing University of Posts and Telecommunications), Ministry of Education.

Author information

Authors and Affiliations

  1. School of Computer and Software, Jiangsu Engineering Center of Network Monitoring, Nanjing University of Information Science and Technology, Nanjing, 210044, China

    Chunyong Yin, Hongyi Wang & Ruxia Sun

  2. College of Information Engineering, Yangzhou University, Yangzhou, 225127, China

    Xiang Yin

  3. School of Computer and Communication Engineering, Changsha University of Science and Technology, Changsha, 410004, China

    Jin Wang

Authors
  1. Chunyong Yin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hongyi Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiang Yin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ruxia Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jin Wang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yin, C., Wang, H., Yin, X. et al. Improved deep packet inspection in data stream detection. J Supercomput 75, 4295–4308 (2019). https://doi.org/10.1007/s11227-018-2685-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-018-2685-y

Keywords

Search

Navigation