A Fast Regular Expressions Matching Algorithm for NIDS

被引:3
|
作者
Zhang, Meng-meng [1 ]
Sun, Yan [2 ]
Wang, Jing-zhong
机构
[1] North China Univ Technol, Sch Informat Engn, Beijing 100144, Peoples R China
[2] Washington State Univ, Sch Elect Engn & Comp Sci, Pullman, WA 99164 USA
来源
APPLIED MATHEMATICS & INFORMATION SCIENCES | 2013年 / 7卷 / 02期
基金
中国国家自然科学基金;
关键词
NIDS; matching; Snort;
D O I
10.12785/amis/070245
中图分类号
O29 [应用数学];
学科分类号
070104 ;
摘要
In this paper, we propose a new algorithm to accelerate the searching speed in network intrusion detection system (NIDS) and we implement our algorithm in Snort, a popular open-source intrusion detection system. The algorithm is based on the fact that normal data stream rarely matches any virus signature and different packets need to check different keys. The algorithm does not need preprocessing and can check multiple characters in parallel. Experimental results show that our implementation is faster than original NFA/DFA based algorithms to deal with the same real packet traces while consuming an order of magnitude less memory.
引用
收藏
页码:755 / 761
页数:7
相关论文
共 50 条
  • [31] ENREM: An efficient NFA-based regular expression matching engine on reconfigurable hardware for NIDS
    Tran Trung Hieu
    Tran Ngoc Thinh
    Tomiyama, Shigenori
    JOURNAL OF SYSTEMS ARCHITECTURE, 2013, 59 (4-5) : 202 - 212
  • [32] Instance-Based Ontology Matching Using Regular Expressions
    Zaiss, Katrin
    Schlueter, Tim
    Conrad, Stefan
    ON THE MOVE TO MEANINGFUL INTERNET SYSTEMS: OTM 2008 WORKSHOPS, 2008, 5333 : 40 - 41
  • [33] Fast Matching of Regular Patterns with Synchronizing Counting
    Holik, Lukas
    Sic, Juraj
    Turonova, Lenka
    Vojnar, Tomas
    FOUNDATIONS OF SOFTWARE SCIENCE AND COMPUTATION STRUCTURES, FOSSACS 2023, 2023, 13992 : 392 - 412
  • [34] An Improved DFA for Fast Regular Expression Matching
    Ficara, Domenico
    Giordano, Stefano
    Procissi, Gregorio
    Vitucci, Fabio
    Antichi, Gianni
    Di Pietro, Andrea
    ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2008, 38 (05) : 31 - 40
  • [35] TOOLS FOR VERY FAST REGULAR EXPRESSION MATCHING
    Pasetto, Davide
    Petrini, Fabrizio
    Agarwal, Virat
    COMPUTER, 2010, 43 (03) : 50 - 58
  • [36] Towards Fast Regular Expression Matching in Practice
    Wang, Kai
    Li, Jun
    ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2013, 43 (04) : 531 - 532
  • [37] Regular Backtracking Fast Orthogonal Matching Pursuit Algorithm Based on Dice Coefficient Forward Prediction
    Chen P.
    Chen J.
    Wang X.
    Fang Y.
    Wang F.
    Dianzi Yu Xinxi Xuebao/Journal of Electronics and Information Technology, 2024, 46 (04): : 1488 - 1498
  • [38] An algorithm for pattern-matching mathematical expressions
    Hemer, D
    FORMAL METHODS PACIFIC '97, 1997, : 103 - 123
  • [39] A fast algorithm for template matching
    Kohandani, A.
    Basir, O.
    Kamel, M.
    IMAGE ANALYSIS AND RECOGNITION, PT 2, 2006, 4142 : 398 - 409
  • [40] Fast string matching algorithm
    Al-Howaide, Ala'a
    Mardini, Wail
    Khamayseh, Yaser
    Yasin, Muneer Bani
    2010 INTERNATIONAL CONFERENCE ON MANAGEMENT SCIENCE AND ENGINEERING (MSE 2010), VOL 2, 2010, : 247 - 250
12345