A Fast Regular Expressions Matching Algorithm for NIDS

被引:3
|
作者
Zhang, Meng-meng [1 ]
Sun, Yan [2 ]
Wang, Jing-zhong
机构
[1] North China Univ Technol, Sch Informat Engn, Beijing 100144, Peoples R China
[2] Washington State Univ, Sch Elect Engn & Comp Sci, Pullman, WA 99164 USA
来源
APPLIED MATHEMATICS & INFORMATION SCIENCES | 2013年 / 7卷 / 02期
基金
中国国家自然科学基金;
关键词
NIDS; matching; Snort;
D O I
10.12785/amis/070245
中图分类号
O29 [应用数学];
学科分类号
070104 ;
摘要
In this paper, we propose a new algorithm to accelerate the searching speed in network intrusion detection system (NIDS) and we implement our algorithm in Snort, a popular open-source intrusion detection system. The algorithm is based on the fact that normal data stream rarely matches any virus signature and different packets need to check different keys. The algorithm does not need preprocessing and can check multiple characters in parallel. Experimental results show that our implementation is faster than original NFA/DFA based algorithms to deal with the same real packet traces while consuming an order of magnitude less memory.
引用
收藏
页码:755 / 761
页数:7
相关论文
共 50 条
  • [41] A fast algorithm for stereo matching
    Chung, KL
    INFORMATION PROCESSING LETTERS, 1997, 63 (02) : 57 - 61
  • [42] A FAST pattern matching algorithm
    Sheik, SS
    Aggarwal, SK
    Poddar, A
    Balakrishnan, N
    Sekar, K
    JOURNAL OF CHEMICAL INFORMATION AND COMPUTER SCIENCES, 2004, 44 (04): : 1251 - 1256
  • [43] An effective algorithm for the membership problem for extended regular expressions
    Rosu, Grigore
    Foundations of Software Science and Computational Structures, Proceedings, 2007, 4423 : 332 - 345
  • [44] Parallelization on a Minimal Substring Search Algorithm for Regular Expressions
    Obe, Yosuke
    Yamamoto, Hiroaki
    Fujiwara, Hiroshi
    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2023, E106D (05) : 952 - 958
  • [45] An improved algorithm for the membership problem for extended regular expressions
    Kupferman, O
    Zuhovitzky, S
    MATHEMATICAL FOUNDATIONS OF COMPUTER SCIENCE 2002, 2002, 2420 : 446 - 458
  • [46] High Throughput Regular Expression Matching Algorithm
    Guo, Huifang
    Jiang, Kunpeng
    2015 INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND COMMUNICATION NETWORKS (CICN), 2015, : 368 - 372
  • [47] A new regular grammar pattern matching algorithm
    Watson, BW
    THEORETICAL COMPUTER SCIENCE, 2003, 299 (1-3) : 509 - 521
  • [48] A simple matching algorithm for regular bipartite graphs
    Makino, K
    Takabatake, T
    Fujishige, S
    INFORMATION PROCESSING LETTERS, 2002, 84 (04) : 189 - 193
  • [49] A SUBQUADRATIC ALGORITHM FOR APPROXIMATE REGULAR EXPRESSION MATCHING
    WU, S
    MANBER, U
    MYERS, E
    JOURNAL OF ALGORITHMS, 1995, 19 (03) : 346 - 360
  • [50] A Multiple Regular Expressions Matching Architecture for Network Intrusion Detection System
    Zhang, Wei
    Song, Tian
    Wang, Dongsheng
    2008 THIRD INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND NETWORKING IN CHINA, VOLS 1-3, 2008, : 653 - +
12345