{"title":"一种改进的内容匹配入侵检测系统技术","authors":"Yanguo Wang, H. Kobayashi","doi":"10.1109/SOFTCOM.2006.329755","DOIUrl":null,"url":null,"abstract":"Pattern matching is a comprehensive applicable key technology, which can be used in network security applications such as intrusion detection systems (IDS), firewall, virus detection, etc. Depending on the choice of algorithm, implementation, and the frequency to which it is applied, the pattern matching may become a performance bottleneck due to the increasing network speed and traffic. Therefore, it is very necessary to develop faster and more efficient pattern matching algorithms in order to overcome the troubles on performance. In this paper, we presented a new pattern matching algorithm based on Boyer-Moore algorithm. The improved algorithm and its working process are described in detail. Together with a new concept of reference point, a two-dimensional array NEXT redesigned based on novel generated rules in the pre-processing phase, endorse the algorithm a better performance and more efficient. The algorithm also passed tests and is validated. Our experimental results, two diverse sets of pattern strings tested on two example texts, indicate that this algorithm can enhance the average performance up to 25% ~ 44% compared to Boyer-Moore-Horspool algorithm","PeriodicalId":292242,"journal":{"name":"2006 International Conference on Software in Telecommunications and Computer Networks","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"An Improved Technology for Content Matching Intrusion Detection System\",\"authors\":\"Yanguo Wang, H. Kobayashi\",\"doi\":\"10.1109/SOFTCOM.2006.329755\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Pattern matching is a comprehensive applicable key technology, which can be used in network security applications such as intrusion detection systems (IDS), firewall, virus detection, etc. Depending on the choice of algorithm, implementation, and the frequency to which it is applied, the pattern matching may become a performance bottleneck due to the increasing network speed and traffic. Therefore, it is very necessary to develop faster and more efficient pattern matching algorithms in order to overcome the troubles on performance. In this paper, we presented a new pattern matching algorithm based on Boyer-Moore algorithm. The improved algorithm and its working process are described in detail. Together with a new concept of reference point, a two-dimensional array NEXT redesigned based on novel generated rules in the pre-processing phase, endorse the algorithm a better performance and more efficient. The algorithm also passed tests and is validated. Our experimental results, two diverse sets of pattern strings tested on two example texts, indicate that this algorithm can enhance the average performance up to 25% ~ 44% compared to Boyer-Moore-Horspool algorithm\",\"PeriodicalId\":292242,\"journal\":{\"name\":\"2006 International Conference on Software in Telecommunications and Computer Networks\",\"volume\":\"15 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 International Conference on Software in Telecommunications and Computer Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SOFTCOM.2006.329755\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 International Conference on Software in Telecommunications and Computer Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SOFTCOM.2006.329755","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Improved Technology for Content Matching Intrusion Detection System
Pattern matching is a comprehensive applicable key technology, which can be used in network security applications such as intrusion detection systems (IDS), firewall, virus detection, etc. Depending on the choice of algorithm, implementation, and the frequency to which it is applied, the pattern matching may become a performance bottleneck due to the increasing network speed and traffic. Therefore, it is very necessary to develop faster and more efficient pattern matching algorithms in order to overcome the troubles on performance. In this paper, we presented a new pattern matching algorithm based on Boyer-Moore algorithm. The improved algorithm and its working process are described in detail. Together with a new concept of reference point, a two-dimensional array NEXT redesigned based on novel generated rules in the pre-processing phase, endorse the algorithm a better performance and more efficient. The algorithm also passed tests and is validated. Our experimental results, two diverse sets of pattern strings tested on two example texts, indicate that this algorithm can enhance the average performance up to 25% ~ 44% compared to Boyer-Moore-Horspool algorithm
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
