Title :
Concurrent multiple-patterns snooping for intrusion detection systems
Author :
Sheu, Simon ; Chang, Alan ; Chen, Chang-Zhuo
Author_Institution :
Dept. of Comput. Sci., Nat. Tsing Hua Univ., Hsinchu, Taiwan
Abstract :
Intrusion detection systems (IDSs) are an effective means to foil malicious attacks over the network. The capacity of these systems mainly depends on the efficiency of the underlying multiple-pattern detection algorithms. In this paper, we extend our early single-pattern matching scheme, comparison tree (CT), to work on the concurrent multiple-pattern detection problem. We discuss how to exploit various compression techniques to conserve memory usage for better speed tradeoffs on commodity CPUs. The experiments from realistic workloads evidence that our new design can significantly speed up detection at the minimal memory cost among the existing competitors. Moderate additional memory space will allow further speed gain.
Keywords :
data compression; pattern matching; security of data; comparison tree; compression techniques; concurrent multiple pattern detection; concurrent multiple-patterns snooping; intrusion detection systems; malicious attacks; multiple-pattern detection; single pattern matching; Acceleration; Bandwidth; Computer science; Costs; Detection algorithms; Hardware; Home appliances; Intrusion detection; Pattern matching; Payloads;
Conference_Title :
Emerging Information Technology Conference, 2005.
Print_ISBN :
0-7803-9328-7
DOI :
10.1109/EITC.2005.1544361