Abstract: Concerning the defects of traditional rule matching engine, a solution using Multi-dimensional Bloom filters based on FPGA is proposed. The rule matching engine is designed to process both packet header and payload in parallel. The suspicious strings are picked up by the Multi-dimensional Bloom filters engines, and then sent to bit-split state machine for verification. The experimental results demonstrate that the false positive probability of the engine is reduced by using the Multi-dimensional Bloom filters which result in a higher throughput.

Key words: Multi-dimensional bloom filters, pattern matching, bit-split state machinee, FPGA, throughput

摘要： 针对传统的模式匹配引擎不具备完整报文检测功能的问题和出现的速度瓶颈，提出了基于FPGA实现的多维布隆过滤器解决方案，设计了能够同时检测报头和有效负载的多模式匹配引擎。引擎使用多维布隆过滤器过滤出可疑报文，由位拆分状态机进行精确匹配。分析和试验结果表明：与传统方法相比，基于多维布隆过滤器的模式匹配引擎可以并行检测报头和报文内容，在降低过滤器误判率的同时，有效提高了引擎的吞吐量。

关键词: 多维布隆过滤器, 模式匹配, 位拆分状态机, FPGA, 吞吐量