Invention Grant
US07904961B2 Network attack detection using partial deterministic finite automaton pattern matching
有权
使用部分确定性有限自动机模式匹配的网络攻击检测
- Patent Title: Network attack detection using partial deterministic finite automaton pattern matching
- Patent Title (中): 使用部分确定性有限自动机模式匹配的网络攻击检测
-
Application No.: US11738059Application Date: 2007-04-20
-
Publication No.: US07904961B2Publication Date: 2011-03-08
- Inventor: Qingming Ma , Bryan Burns , Krishna Narayanaswamy , Vipin Rawat , Michael Chuong Shieh
- Applicant: Qingming Ma , Bryan Burns , Krishna Narayanaswamy , Vipin Rawat , Michael Chuong Shieh
- Applicant Address: US CA Sunnyvale
- Assignee: Juniper Networks, Inc.
- Current Assignee: Juniper Networks, Inc.
- Current Assignee Address: US CA Sunnyvale
- Agency: Shumaker & Sieffert, P.A.
- Main IPC: G06F11/00
- IPC: G06F11/00
Abstract:
This disclosure describes techniques for determining whether network traffic contains one or more computer security threats. In order to determine whether a symbol stream conforms to the symbol pattern, a security device stores a full deterministic finite automaton (fDFA) that accepts streams of symbols that conform to the symbol pattern. The security device also creates a partial deterministic finite automaton (pDFA) that includes nodes that correspond to the nodes in the fDFA that have the highest visitation levels. The security device processes each symbol in the symbol stream using the pDFA until a symbol causes the pDFA to transition to a failure node or to an accepting node. If the symbol causes the pDFA to transition to the failure node, the security device processes the symbol and subsequent symbols in the symbol stream using the fDFA.
Public/Granted literature
- US20080263665A1 NETWORK ATTACK DETECTION USING PARTIAL DETERMINISTIC FINITE AUTOMATON PATTERN MATCHING Public/Granted day:2008-10-23
Information query
