A Fast Regular Expressions Matching Algorithm for NIDS

被引:3
|
作者
Zhang, Meng-meng [1 ]
Sun, Yan [2 ]
Wang, Jing-zhong
机构
[1] North China Univ Technol, Sch Informat Engn, Beijing 100144, Peoples R China
[2] Washington State Univ, Sch Elect Engn & Comp Sci, Pullman, WA 99164 USA
来源
APPLIED MATHEMATICS & INFORMATION SCIENCES | 2013年 / 7卷 / 02期
基金
中国国家自然科学基金;
关键词
NIDS; matching; Snort;
D O I
10.12785/amis/070245
中图分类号
O29 [应用数学];
学科分类号
070104 ;
摘要
In this paper, we propose a new algorithm to accelerate the searching speed in network intrusion detection system (NIDS) and we implement our algorithm in Snort, a popular open-source intrusion detection system. The algorithm is based on the fact that normal data stream rarely matches any virus signature and different packets need to check different keys. The algorithm does not need preprocessing and can check multiple characters in parallel. Experimental results show that our implementation is faster than original NFA/DFA based algorithms to deal with the same real packet traces while consuming an order of magnitude less memory.
引用
收藏
页码:755 / 761
页数:7
相关论文
共 50 条
  • [21] Compact DFA Structure for Multiple Regular Expressions Matching
    Lin, Wei
    Tang, Yi
    Liu, Bin
    Pao, Derek
    Wang, XiaoFei
    2009 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-8, 2009, : 899 - +
  • [22] TREE PATTERN MATCHING FROM REGULAR TREE EXPRESSIONS
    Belabbaci, Ahlem
    Cherroun, Hadda
    Cleophas, Loek
    Ziadi, Djelloul
    KYBERNETIKA, 2018, 54 (02) : 221 - 242
  • [23] Probabilistic Pattern Matching and the Evolution of Stochastic Regular Expressions
    Brian J. Ross
    Applied Intelligence, 2000, 13 : 285 - 300
  • [24] Probabilistic pattern matching and the evolution of stochastic regular expressions
    Ross, BJ
    APPLIED INTELLIGENCE, 2000, 13 (03) : 285 - 300
  • [25] AN ALGORITHM FOR CONSTRUCTING A BASE IN A LANGUAGE OF REGULAR EXPRESSIONS
    MIRKIN, BG
    ENGINEERING CYBERNETICS, 1966, (05): : 110 - &
  • [26] A new recognition algorithm for extended regular expressions
    Yamamoto, H
    ALGORITHMS AND COMPUTATION, PROCEEDINGS, 2001, 2223 : 257 - 267
  • [27] A MATCHING ALGORITHM FOR REGULAR BIPARTITE GRAPHS
    CSIMA, J
    LOVASZ, L
    DISCRETE APPLIED MATHEMATICS, 1992, 35 (03) : 197 - 203
  • [28] A deterministic parsing algorithm for ambiguous regular expressions
    Borsotti, Angelo
    Breveglieri, Luca
    Crespi Reghizzi, Stefano
    Morzenti, Angelo
    ACTA INFORMATICA, 2021, 58 (03) : 195 - 229
  • [29] Algorithm for constructing the simplified DFA of regular expressions
    Tan, Fengqin
    Ruan Jian Xue Bao/Journal of Software, 1998, 9 (05): : 495 - 498
  • [30] A deterministic parsing algorithm for ambiguous regular expressions
    Angelo Borsotti
    Luca Breveglieri
    Stefano Crespi Reghizzi
    Angelo Morzenti
    Acta Informatica, 2021, 58 : 195 - 229
12345