Approximate reduction of finite automata for high-speed network intrusion detection

Cited by: 4
Authors
Ceska, Milan [1 ]
Havlena, Vojtech [1 ]
Holik, Lukas [1 ]
Lengal, Ondrej [1 ]
Vojnar, Tomas [1 ]
Affiliations
[1] Brno Univ Technol, FIT, Ctr Excellence IT4Innovat, Brno, Czech Republic
Keywords
Reduction; Nondeterministic finite automata; Deep packet inspection; High-speed network monitoring; ARCHITECTURE;
DOI
10.1007/s10009-019-00520-8
Chinese Library Classification number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
We consider the problem of approximate reduction of non-deterministic automata that appear in hardware-accelerated network intrusion detection systems (NIDSes). We define an error distance of a reduced automaton from the original one as the probability of packets being incorrectly classified by the reduced automaton (wrt the probabilistic distribution of packets in the network traffic). We use this notion to design an approximate reduction procedure that achieves a great size reduction (much beyond the state-of-the-art language-preserving techniques) with a controlled and small error. We have implemented our approach and evaluated it on use cases from Snort, a popular NIDS. Our results provide experimental evidence that the method can be highly efficient in practice, allowing NIDSes to follow the rapid growth in the speed of networks.
Pages: 523 / 539
Page count: 17