When a network device receives a packet, the network device typically applies a security policy to the packet. Applying the security policy entails matching a known set of signatures (e.g., an attack signature) to a portion of the packet, and performing a specific action (e.g., drop the packet) if the portion matches one or more of the signatures.