摘要： 深度数据包检查是网络入侵检测系统的性能瓶颈。该文分析入侵规则集中模式串的分布特点，对多模式匹配算法FNP进行改进，研究在多核多线程体系结构的网络处理器上高效实现模式串匹配的方法。在Intel IXP2800网络处理器上的仿真实验结果表明，改进算法在规模为10 K的模式串集合上能达到6 Gb/s的吞吐量，具有几乎线性的加速比。

关键词: 多模式串匹配, 网络处理器, 并行算法

Abstract: Deep packet inspection is the bottleneck of a network intrusion detection system. This paper analyzes the characteristic of a real intrusion pattern string set, discusses the improvement of a multi-pattern matching algorithm FNP and its implementing optimization on a multi-core and multithreaded platform-Intel IXP2800 Network Processor Unit(NPU). Simulations on Intel IXP2800 NPU show that the improved FNP can achieve 6 Gb/s throughput on a 10 K-size randomly generated pattern sets, and has almost linear speedup.

Key words: multi-pattern matching, network processor, parallel algorithm

中图分类号: 

• TP393.08