Compressing Regular Expression Sets for Deep Packet Inspection

Created by W.Langdon from gp-bibliography.bib Revision:1.3949

@InProceedings{Bartoli:2014:PPSN,
  author =       "Alberto Bartoli and Simone Cumar and 
                 Andrea {De Lorenzo} and Eric Medvet",
  title =        "Compressing Regular Expression Sets for Deep Packet
                 Inspection",
  booktitle =    "13th International Conference on Parallel Problem
                 Solving from Nature",
  year =         "2014",
  editor =       "Thomas Bartz-Beielstein and Juergen Branke and 
                 Bogdan Filipic and Jim Smith",
  publisher =    "Springer",
  isbn13 =       "978-3-319-10761-5",
  pages =        "394--403",
  series =       "Lecture Notes in Computer Science",
  address =      "Ljubljana, Slovenia",
  month =        "13-17 " # sep,
  volume =       "8672",
  keywords =     "genetic algorithms, genetic programming",
  URL =          "http://machinelearning.inginf.units.it/publications/international-conference-publications/compressingregularexpressionsetsfordeeppacketinspection",
  DOI =          "doi:10.1007/978-3-319-10762-2_39",
  abstract =     "The ability to generate security-related alerts while
                 analysing network traffic in real time has become a key
                 mechanism in many networking devices. This
                 functionality relies on the application of large sets
                 of regular expressions describing attack signatures to
                 each individual packet. Implementing an engine of this
                 form capable of operating at line speed is considerably
                 difficult and the corresponding performance problems
                 have been attacked from several points of view. In this
                 work we propose a novel approach complementing earlier
                 proposals: we suggest transforming the starting set of
                 regular expressions to another set of expressions which
                 is much smaller yet classifies network traffic in the
                 same categories as the starting set. Key component of
                 the transformation is an evolutionary search based on
                 Genetic Programming: a large population of expressions
                 represented as abstract syntax trees evolves by means
                 of mutation and crossover, evolution being driven by
                 fitness indexes tailored to the desired classification
                 needs and which minimise the length of each expression.
                 We assessed our proposals on real datasets composed of
                 up to 474 expressions and the outcome has been very
                 good, resulting in compressions in the order of
                 74percent. Our results are highly encouraging and
                 demonstrate the power of evolutionary techniques in an
                 important application domain.",
  notes =        "http://ppsn2014.ijs.si/",
}

Genetic Programming entries for Alberto Bartoli Simone Cumar Andrea De Lorenzo Eric Medvet

Citations