Compressing Regular Expression Sets for Deep Packet Inspection

Created by W.Langdon from gp-bibliography.bib Revision:1.7615

@InProceedings{Bartoli:2014:PPSN,

• author = "Alberto Bartoli and Simone Cumar and Andrea {De Lorenzo} and Eric Medvet",
• title = "Compressing Regular Expression Sets for Deep Packet Inspection",
• booktitle = "13th International Conference on Parallel Problem Solving from Nature",
• year = "2014",
• editor = "Thomas Bartz-Beielstein and Juergen Branke and Bogdan Filipic and Jim Smith",
• publisher = "Springer",
• isbn13 = "978-3-319-10761-5",
• pages = "394--403",
• series = "Lecture Notes in Computer Science",
• address = "Ljubljana, Slovenia",
• month = "13-17 " # sep,
• volume = "8672",
• keywords = "genetic algorithms, genetic programming",
• URL = "http://machinelearning.inginf.units.it/publications/international-conference-publications/compressingregularexpressionsetsfordeeppacketinspection",
• DOI = "doi:10.1007/978-3-319-10762-2_39",
• abstract = "The ability to generate security-related alerts while analysing network traffic in real time has become a key mechanism in many networking devices. This functionality relies on the application of large sets of regular expressions describing attack signatures to each individual packet. Implementing an engine of this form capable of operating at line speed is considerably difficult and the corresponding performance problems have been attacked from several points of view. In this work we propose a novel approach complementing earlier proposals: we suggest transforming the starting set of regular expressions to another set of expressions which is much smaller yet classifies network traffic in the same categories as the starting set. Key component of the transformation is an evolutionary search based on Genetic Programming: a large population of expressions represented as abstract syntax trees evolves by means of mutation and crossover, evolution being driven by fitness indexes tailored to the desired classification needs and which minimise the length of each expression. We assessed our proposals on real datasets composed of up to 474 expressions and the outcome has been very good, resulting in compressions in the order of 74percent. Our results are highly encouraging and demonstrate the power of evolutionary techniques in an important application domain.",
• notes = "PPSN-XIII",

}

Genetic Programming entries for Alberto Bartoli Simone Cumar Andrea De Lorenzo Eric Medvet

Citations