EFFICIENT MULTIPLE PATTERN MATCHING ALGORITHMS FOR NETWORK INTRUSION DETECTION SYSTEMS

被引:36
|
作者
Lee, Sunho [1 ]
Kim, Dong Kyue [1 ]
机构
[1] Hanyang Univ, Dept Elect & Commun Engn, Seoul 133791, South Korea
来源
2009 IEEE INTERNATIONAL CONFERENCE ON NETWORK INFRASTRUCTURE AND DIGITAL CONTENT, PROCEEDINGS | 2009年
关键词
trie; multiple pattern matching; Aho-Corasick; Wu-Manber; network intrusion detection;
D O I
10.1109/ICNIDC.2009.5360944
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Multiple pattern matching algorithms are essential engines of Network Intrusion Detection Systems (NIDSs) to inspect packets for occurrences of malicious patterns. For a set of patterns, the Multiple pattern matching algorithms Usually build a trie data structure. In this paper, we propose efficient implementations of the multiple pattern matching algorithms widely used in NIDSs by using a linearized compact trie. This linearized compact trie is an array representation of a compact trie and guarantees a size linear to the number of patterns with little loss of lookup time. Thus, Our implementations achieve compact sizes with fast time, so it is useful to hardware embedding and cache exploiting.
引用
收藏
页码:609 / 613
页数:5
相关论文
共 50 条
  • [41] A parameterized multilevel pattern matching architecture on FPGAs for network intrusion detection and prevention
    Song Tian
    Wang DongSheng
    Tang ZhiZhong
    [J]. SCIENCE IN CHINA SERIES F-INFORMATION SCIENCES, 2009, 52 (06): : 949 - 963
  • [42] A parameterized multilevel pattern matching architecture on FPGAs for network intrusion detection and prevention
    SONG Tian1
    2 Department of Computer Science and Technology
    [J]. Science China(Information Sciences), 2009, (06) : 949 - 963
  • [43] A parameterized multilevel pattern matching architecture on FPGAs for network intrusion detection and prevention
    Tian Song
    DongSheng Wang
    ZhiZhong Tang
    [J]. Science in China Series F: Information Sciences, 2009, 52 : 949 - 963
  • [44] A parameterized multilevel pattern matching architecture on FPGAs for network intrusion detection and prevention
    SONG Tian WANG DongSheng TANG ZhiZhong School of Computer Science and Technology Beijing Institute of Technology Beijing China Department of Computer Science and Technology Tsinghua University Beijing China
    [J]. Science in China(Series F:Information Sciences), 2009, 52 (06) : 949 - 963
  • [45] EFFICIENT PATTERN MATCHING ALGORITHMS IN IDS
    Salve, Vandana B.
    Savalkar, Vishwayogita
    Mhatre, Sonali
    [J]. PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON INVENTIVE SYSTEMS AND CONTROL (ICISC 2018), 2018, : 1083 - 1089
  • [46] A Memory-Efficient Parallel String Matching for Intrusion Detection Systems
    Kim, HyunJin
    Hong, Hyejeong
    Kim, Hong-Sik
    Kang, Sungho
    [J]. IEEE COMMUNICATIONS LETTERS, 2009, 13 (12) : 1004 - 1006
  • [47] On the fly pattern matching for intrusion detection with Snort
    Abbes, T
    Bouhoula, A
    Rusinowitch, M
    [J]. ANNALS OF TELECOMMUNICATIONS, 2004, 59 (9-10) : 1045 - 1071
  • [48] Robust and Fast Pattern Matching for Intrusion Detection
    Namjoshi, Kedar
    Narlikar, Girija
    [J]. 2010 PROCEEDINGS IEEE INFOCOM, 2010,
  • [49] An Effective Pattern Matching Algorithm for Intrusion Detection
    Zhang, Qing-Qing
    Zhang, Qian
    Feng, Yue-jiang
    [J]. MECHATRONICS ENGINEERING, COMPUTING AND INFORMATION TECHNOLOGY, 2014, 556-562 : 3010 - +
  • [50] IMPROVEMENT OF ALGORITHM FOR PATTERN MATCHING IN INTRUSION DETECTION
    Zhao, Dongcan
    Zhu, Xiaomin
    Xu, Tong
    [J]. 2013 5TH IEEE INTERNATIONAL CONFERENCE ON BROADBAND NETWORK & MULTIMEDIA TECHNOLOGY (IC-BNMT), 2013, : 281 - 284
12345