Title :
An Efficient Pattern Matching Algorithm for Intrusion Detection Systems
Author :
Anithakumari, S. ; Chithraprasad, D.
Author_Institution :
Dept. of Comput. Sci. & Eng., LBSITW, Kerala
Abstract :
Intrusion detection systems are treated as vital elements of protective measures to computer systems and networks from abuse. The drastic increase in network speed and detection workloads necessitates the need for highly efficient network intrusion detection systems (NIDS). Since most NIDSs need to check for a large number of known attack patterns in every packet, pattern matching becomes the most significant part of signature-based NIDSs in terms of processing and memory resources. To support segmentation of network traffic and to detect fragmented attacks, we propose a method which performs both 'partial' and 'full' pattern matching using the data structure CDAWG (Compact Direct Acyclic Word Graph). In the present work, we designed and implemented an efficient string matching algorithm using CDAWG structure. Experimental results show that this algorithm is 2.5 times faster than the currently used Aho-Corasick algorithm.
Keywords :
data structures; digital signatures; security of data; string matching; CDAWG data structure; attack pattern; compact direct acyclic word graph; fragmented attack detection; network intrusion detection system; network traffic; pattern matching algorithm; signature-based NIDS; string matching algorithm; Computer networks; Computer science; Data structures; Databases; Intrusion detection; Monitoring; Pattern matching; Protocols; Telecommunication traffic; Testing; Aho-Corasick; Boyer-Moore; Dawg structure; Snort; intrusion detection; pattern matching; rule database;
Conference_Title :
Advance Computing Conference, 2009. IACC 2009. IEEE International
Conference_Location :
Patiala
Print_ISBN :
978-1-4244-2927-1
Electronic_ISBN :
978-1-4244-2928-8
DOI :
10.1109/IADCC.2009.4809011