EFFICIENT MULTIPLE PATTERN MATCHING ALGORITHMS FOR NETWORK INTRUSION DETECTION SYSTEMS

被引:36
|
作者
Lee, Sunho [1 ]
Kim, Dong Kyue [1 ]
机构
[1] Hanyang Univ, Dept Elect & Commun Engn, Seoul 133791, South Korea
来源
2009 IEEE INTERNATIONAL CONFERENCE ON NETWORK INFRASTRUCTURE AND DIGITAL CONTENT, PROCEEDINGS | 2009年
关键词
trie; multiple pattern matching; Aho-Corasick; Wu-Manber; network intrusion detection;
D O I
10.1109/ICNIDC.2009.5360944
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Multiple pattern matching algorithms are essential engines of Network Intrusion Detection Systems (NIDSs) to inspect packets for occurrences of malicious patterns. For a set of patterns, the Multiple pattern matching algorithms Usually build a trie data structure. In this paper, we propose efficient implementations of the multiple pattern matching algorithms widely used in NIDSs by using a linearized compact trie. This linearized compact trie is an array representation of a compact trie and guarantees a size linear to the number of patterns with little loss of lookup time. Thus, Our implementations achieve compact sizes with fast time, so it is useful to hardware embedding and cache exploiting.
引用
收藏
页码:609 / 613
页数:5
相关论文
共 50 条
  • [1] Algorithms to speedup pattern matching for network intrusion detection systems
    Zheng, Kai
    Cai, Zhiping
    Zhang, Xin
    Wang, Zhijun
    Yang, Baohua
    [J]. COMPUTER COMMUNICATIONS, 2015, 62 : 47 - 58
  • [2] ANALYSIS OF PATTERN MATCHING ALGORITHMS IN NETWORK INTRUSION DETECTION SYSTEMS
    Dagar, Vishwajeet
    Prakash, Vatsal
    Bhatia, Tarunpreet
    [J]. 2016 2ND INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATION, & AUTOMATION (ICACCA) (FALL), 2016, : 169 - 173
  • [3] Research on Efficient Pattern Matching Algorithms in Intrusion Detection System
    Liu-xiaoxing
    Yu-ning
    [J]. 2014 7TH INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTATION TECHNOLOGY AND AUTOMATION (ICICTA), 2014, : 509 - 512
  • [4] Efficient Pattern Matching Algorithm for Intrusion Detection Systems
    Yang, Wenjun
    [J]. SENSORS, MECHATRONICS AND AUTOMATION, 2014, 511-512 : 1178 - 1184
  • [5] An Efficient Pattern Matching Algorithm for Intrusion Detection Systems
    Anithakumari, S.
    Chithraprasad, D.
    [J]. 2009 IEEE INTERNATIONAL ADVANCE COMPUTING CONFERENCE, VOLS 1-3, 2009, : 223 - +
  • [6] Efficient Pattern Matching on GPUs for Intrusion Detection Systems
    Tumeo, Antonino
    Villa, Oreste
    Sciuto, Donatella
    [J]. PROCEEDINGS OF THE 2010 COMPUTING FRONTIERS CONFERENCE (CF 2010), 2010, : 87 - 88
  • [7] Pattern matching acceleration for network intrusion detection systems
    Kim, S
    [J]. EMBEDDED COMPUTER SYSTEMS: ARCHITECTURES, MODELING, AND SIMULATION, 2005, 3553 : 289 - 298
  • [8] Efficient hardware support for pattern matching in network intrusion detection
    Guinde, Nitesh B.
    Ziavras, Sotirios G.
    [J]. COMPUTERS & SECURITY, 2010, 29 (07) : 756 - 769
  • [9] Fast and scalable pattern matching for network intrusion detection systems
    Dharmapurikar, Sarang
    Lockwood, John W.
    [J]. IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 2006, 24 (10) : 1781 - 1792
  • [10] Shift-or circuit for efficient network intrusion detection pattern matching
    Roan, Huang-Chun
    Hwang, Wen-Jyi
    Lo, Chia-Tien Dan
    [J]. 2006 INTERNATIONAL CONFERENCE ON FIELD PROGRAMMABLE LOGIC AND APPLICATIONS, PROCEEDINGS, 2006, : 785 - 790
12345