Abstract: Traditional methods of application-layer protocol identification such as using default server port are no longer applicable to a large number of random ports application.A dynamic application-layer protocol identification based on regular expression is designed.Through analyzing the impact of number of DFA states to the algorithm performance，a DFA state number optimization algorithm is proposed.This algorithm has the little time complexity and space complexity under the limited system resource.And then packet matching patterns are tested with One-Pass scanning algorithm.Experimental results show that this program has a lower rate of resource consumption，higher efficiency of the identification and recognition accuracy.

Key words: protocol identification, regular expression, DFA state number optimization, One-Pass scanning algorithm

摘要： 传统依赖于端口号的应用层协议识别方法对大量具有随机端口的应用不再适用，设计一种基于正则表达式的动态应用层协议识别方案。在深入分析DFA状态数对算法性能影响的基础上，提出了构造最优DFA状态数的算法，该算法保证在任意有限的系统资源下具有最小的时间复杂度和空间复杂度，并且将报文匹配方式和One-Pass扫描算法相结合进行测试。实验表明此方案具有较低的资源消耗率，较高识别效率和识别精度。

关键词: 协议识别, 正则表达式, 最优DFA状态数, One-Pass扫描算法