An Efficient Pattern Matching Algorithm for Intrusion Detection Systems

Cited by: 1
Authors
Anithakumari, S. [1]
Chithraprasad, D. [2]
Affiliations
[1] LBSITW, Dept Comp Sci & Engg, Thiruvananthapuram, Kerala, India
[2] TKM Coll Egg, Dept Comp Engn & Sci, Kollam, Kerala, India
Keywords
intrusion detection; pattern matching; Snort; rule database; Boyer-Moore; Aho-Corasick; Dawg structure;
DOI
10.1109/IADCC.2009.4809011
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
Intrusion detection systems are treated as vital elements of protective measures to computer systems and networks from abuse. The drastic increase in network speed and detection workloads necessitates the need for highly efficient Network Intrusion Detection Systems (NIDS). Since most NIDSs need to check for a large number of known attack patterns in every packet, pattern matching becomes the most significant part of signature-based NIDSs in terms of processing and memory resources. To support segmentation of network traffic and to detect fragmented attacks, we propose a method which performs both 'partial' and 'full' pattern matching using the data structure CDAWG (Compact Direct Acyclic Word Graph). In the present work, we designed and implemented an efficient string matching algorithm using CDAWG structure. Experimental results show that this algorithm is 2.5 times faster than the currently used Aho-Corasick algorithm.
Pages: 223 / +
Page count: 3
Related papers
50 in total
  • [1] Efficient Pattern Matching Algorithm for Intrusion Detection Systems
    Yang, Wenjun
    [J]. SENSORS, MECHATRONICS AND AUTOMATION, 2014, 511-512 : 1178 - 1184
  • [2] Efficient Pattern Matching on GPUs for Intrusion Detection Systems
    Tumeo, Antonino
    Villa, Oreste
    Sciuto, Donatella
    [J]. PROCEEDINGS OF THE 2010 COMPUTING FRONTIERS CONFERENCE (CF 2010), 2010, : 87 - 88
  • [3] EFFICIENT MULTIPLE PATTERN MATCHING ALGORITHMS FOR NETWORK INTRUSION DETECTION SYSTEMS
    Lee, Sunho
    Kim, Dong Kyue
    [J]. 2009 IEEE INTERNATIONAL CONFERENCE ON NETWORK INFRASTRUCTURE AND DIGITAL CONTENT, PROCEEDINGS, 2009, : 609 - 613
  • [4] An Effective Pattern Matching Algorithm for Intrusion Detection
    Zhang, Qing-Qing
    Zhang, Qian
    Feng, Yue-jiang
    [J]. MECHATRONICS ENGINEERING, COMPUTING AND INFORMATION TECHNOLOGY, 2014, 556-562 : 3010 - +
  • [5] IMPROVEMENT OF ALGORITHM FOR PATTERN MATCHING IN INTRUSION DETECTION
    Zhao, Dongcan
    Zhu, Xiaomin
    Xu, Tong
    [J]. 2013 5TH IEEE INTERNATIONAL CONFERENCE ON BROADBAND NETWORK & MULTIMEDIA TECHNOLOGY (IC-BNMT), 2013, : 281 - 284
  • [6] Improved Algorithm of pattern matching for Intrusion Detection
    Liu Zhen
    Xu Su
    Zhang Jue
    [J]. MINES 2009: FIRST INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY, VOL 2, PROCEEDINGS, 2009, : 446 - 449
  • [7] The improving pattern matching algorithm of intrusion detection
    Qu, Zhaoyang
    Huang, Xiaobo
    [J]. CEIS 2011, 2011, 15
  • [8] A Survey of Pattern Matching Algorithm in Intrusion Detection System
    Gharaee, Hossein
    Seifi, Shokoufeh
    Monsefan, Nima
    [J]. 2014 7th International Symposium on Telecommunications (IST), 2014, : 946 - 953
  • [9] An Improved Pattern Matching Algorithm in the Intrusion Detection System
    Zhang Ping
    Liu Jianghui
    [J]. MEASURING TECHNOLOGY AND MECHATRONICS AUTOMATION, PTS 1 AND 2, 2011, 48-49 : 203 - +
  • [10] Memory-Efficient String Matching for Intrusion Detection Systems using a High-Precision Pattern Grouping Algorithm
    Vakili, Shervin
    Langlois, J. M. Pierre
    Boughzala, Bochra
    Savaria, Yvon
    [J]. PROCEEDINGS OF THE 2016 SYMPOSIUM ON ARCHITECTURES FOR NETWORKING AND COMMUNICATIONS SYSTEMS (ANCS'16), 2016, : 37 - 42