A Memory-Efficient Parallel String Matching for Intrusion Detection Systems

被引：12

作者：

Kim, HyunJin ^{[1
]}

Hong, Hyejeong ^{[1
]}

Kim, Hong-Sik ^{[1
]}

Kang, Sungho ^{[1
]}

机构：

[1] Yonsei Univ, Dept Elect & Elect Engn, Seoul 120749, South Korea

来源：

IEEE COMMUNICATIONS LETTERS | 2009年 / 13卷 / 12期

关键词：

Computer network security; finite state machines; site security monitoring; string matching;

D O I：

10.1109/LCOMM.2009.12.082230

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

As the variety of hazardous packet payload contents increases, the intrusion detection system (IDS) should he able to detect numerous patterns in real time. For this reason, this paper proposes an Aho-Corasick algorithm based parallel string matching. In order to balance memory usage between homogeneous finite-state machine (FSM) tiles for each string matcher, an optimal set of bit position groups is determined. Target patterns are sorted by binary-reflected gray code (BRGC), which reduces bit transitions in patterns mapped onto a string matcher. In the evaluations of Snort rules, the proposed string matching outperforms the existing bit-split string matching.

引用

页码：1004 / 1006

页数：3

共 50 条

[1] A memory-efficient parallel string matching architecture for high-speed intrusion detection
Lu, Hongbin
Zheng, Kai
Liu, Bin
Zhang, Xin
Liu, Yunhao
[J]. IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 2006, 24 (10) : 1793 - 1804
[2] A Time- and Memory-Efficient String Matching Algorithm for Intrusion Detection Systems
Sheu, Tzu-Fang
Huang, Nen-Fu
Lee, Hsiao-Ping
[J]. GLOBECOM 2006 - 2006 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, 2006,
[3] Deterministic memory-efficient string matching algorithms for intrusion detection
Tuck, N
Sherwood, T
Calder, B
Varghese, G
[J]. IEEE INFOCOM 2004: THE CONFERENCE ON COMPUTER COMMUNICATIONS, VOLS 1-4, PROCEEDINGS, 2004, : 2628 - 2639
[4] A Memory-Efficient Bit-Split Parallel String Matching Using Pattern Dividing for Intrusion Detection Systems
Kim, Hyun Jin
Kim, Hong-Sik
Kang, Sungho
[J]. IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2011, 22 (11) : 1904 - 1911
[5] Memory-Efficient String Matching for Intrusion Detection Systems using a High-Precision Pattern Grouping Algorithm
Vakili, Shervin
Langlois, J. M. Pierre
Boughzala, Bochra
Savaria, Yvon
[J]. PROCEEDINGS OF THE 2016 SYMPOSIUM ON ARCHITECTURES FOR NETWORKING AND COMMUNICATIONS SYSTEMS (ANCS'16), 2016, : 37 - 42
[6] Piranha: Fast and memory-efficient pattern matching for intrusion detection
Antonatos, S
Polychronakis, M
Akritidis, P
Anagnostakis, KG
Markatos, EP
[J]. SECURITY AND PRIVACY IN THE AGE OF UBIQUITOUS COMPUTING, 2005, 181 : 393 - 408
[7] A Pattern Partitioning Algorithm for Memory-Efficient Parallel String Matching in Deep Packet Inspection
Kim, HyunJin
Hong, Hyejeong
Baek, Dongmyoung
Kang, Sungho
[J]. IEICE TRANSACTIONS ON COMMUNICATIONS, 2010, E93B (06) : 1612 - 1614
[8] A Memory-Efficient and Modular Approach for String Matching on FPGAs
Le, Hoang
Prasanna, Viktor K.
[J]. 2010 18TH IEEE ANNUAL INTERNATIONAL SYMPOSIUM ON FIELD-PROGRAMMABLE CUSTOM COMPUTING MACHINES (FCCM 2010), 2010, : 193 - 200
[9] Memory-efficient parallel string matching scheme using distributed pattern grouping without matching vectors
Kim, HyunJin
[J]. ELECTRONICS LETTERS, 2016, 52 (13) : 1124 - 1125
[10] Design and evaluation of parallel string matching algorithms for network intrusion detection systems
Kwok, Tyrone Tai-On
Kwok, Yu-Kwong
[J]. NETWORK AND PARALLEL COMPUTING, PROCEEDINGS, 2007, 4672 : 344 - +

← 1 2 3 4 5 →