Title :
Pattern matching technique on fragmented and Out-of-Order packet streams for Intrusion Detection System
Author :
Kumar, Manoj ; Hanumanthappa, M. ; Kumar, T.V.S.
Author_Institution :
Dept. of Master of Comput. Applic., Bangalore Univ., Bangalore, India
Abstract :
Fragmentation is the term given to the process of breaking down an IP datagram into smaller packets to be transmitted over different types of network media and then reassembling them at the other end. In most cases, depending upon the actual security device defending the network, there are typically multiple fragmentation techniques and packet size combinations capable of squeezing and exploiting protection device on a network. In this paper we present an efficient algorithm for regular expression matching on streams with fragmented and out of order data, while maintaining a small state and without complete stream reconstruction. It improves the performance of Intrusion Detection System for detecting the fragmented and Out-of-Order packet attack.
Keywords :
pattern matching; security of data; IP datagram; fragmented attack detection; fragmented packet streams; intrusion detection system; multiple fragmentation techniques; network media; out-of-order packet attack detection; out-of-order packet streams; packet size combinations; pattern matching technique; regular expression matching; security device; Automata; Computers; Doped fiber amplifiers; IP networks; Intrusion detection; Ports (Computers); Silicon; Deterministic Finite Automata (DFA); Intrusion Detection System(IDS); Maximum Transmission Unit (MTU); Network Intrusion Detection Syterm(NIDS);
Conference_Titel :
Computer Communication and Informatics (ICCCI), 2013 International Conference on
Conference_Location :
Coimbatore
Print_ISBN :
978-1-4673-2906-4
DOI :
10.1109/ICCCI.2013.6466108
