Re: Inverse grep

Chris F Clark <>
Sun, 12 Jun 2011 14:16:30 -0400

          From comp.compilers

Related articles
Inverse grep (glen herrmannsfeldt) (2011-06-08)
Re: Inverse grep (Chris F Clark) (2011-06-12)
Re: Inverse grep (Tony Finch) (2011-06-13)
Re: Inverse grep (2011-06-14)
Re: Inverse grep (2011-06-15)
Re: Inverse grep (Paul Wankadia) (2012-05-28)
| List of all articles for this month |

From: Chris F Clark <>
Newsgroups: comp.compilers
Date: Sun, 12 Jun 2011 14:16:30 -0400
Organization: The World Public Access UNIX, Brookline, MA
References: 11-06-015
Keywords: lex, comment
Posted-Date: 13 Jun 2011 01:36:24 EDT

Actually, most "intrusion detection systems" (IDSes, e.g. Snort) and
virus scanners (e.g. ClamAV) are essentially just that. Given a
packet, the contents of the packet are inspected to see which if any
patterns are matched and if so, the relevant pattern [numbers] are
reported. Generally, the technology used does not actually build a
single pattern from the | of the patterns and run that FA, because
there aren't known efficient solutions to that problem for large
pattern sets. One either suffers space or time explosion to do so.

Hope this helps,

Chris Clark email:
Compiler Resources, Inc. Web Site:
23 Bailey Rd voice: (508) 435-5016
Berlin, MA 01503 USA twitter: @intel_chris
[On machines with gigabyte memories, does the space explosion for
large patterns still matter? -John]

Post a followup to this message

Return to the comp.compilers page.
Search the comp.compilers archives again.