• Corpus ID: 9614146

High Performance Pattern Matching Algorithm for Network Security

@inproceedings{Wang2006HighPP,
  title={High Performance Pattern Matching Algorithm for Network Security},
  author={Yanguo Wang and Hidetsune Kobayashi},
  year={2006}
}
Summary Many network security applications rely on pattern matching to extract the threat from network traffic. The increase in network speed and traffic may make existing algorithms to become a performance bottleneck. Therefore, it is very necessary to develop faster and more efficient pattern matching algorithms in order to overcome the troubles on performance. In this paper, we present a new pattern matching algorithm. The improved algorithm and its working process are described in detail… 

Tables from this paper

Network Security Based On Pattern Matching: An Overview
TLDR
A pattern matching IDS for network security has been proposed in this paper and it is very necessary to develop faster and more efficient pattern matching algorithm in order to overcome the troubles on performance.
A Multi-Fusion Pattern Matching Algorithm for Signature-Based Network Intrusion Detection System
TLDR
The results obtained in percentages from the proposed fusion algorithm given better values in terms processing time in milliseconds than the existing algorithms when data English text are applied to evaluate the fusion performances.
Performance Study of the Running Times of well known Pattern Matching Algorithms for Signature-based Intrusion Detection Systems
TLDR
This paper presents a performance study of the running times of different well known pattern matching algorithms using multiple sliding windows approach.
Applying an Efficient Searching Algorithm for Intrusion Detection on Ubicom Network Processor
TLDR
In this paper, common searching algorithms (string matching, Native, Boyer Moore and pattern matching algorithms) are examined on Ubicom Network Processor which is intended to be used as Network Intrusion Detection System (NIDS).
Content-Split Based Effective String-Matching for Multi-Core Based Intrusion Detection Systems
  • S. NeelakantanShrisha Rao
  • Computer Science
    2009 First International Conference on Computational Intelligence, Communication Systems and Networks
  • 2009
TLDR
A Content Split Approach, tailored specifically for signature-based network intrusion detection, logically partition the content of IP Packets into three parts and internally uses boyer-moorehorspool algorithm to carry out string-matching simultaneously on these parts.
A two way pattern matching algorithm using sliding patterns
TLDR
This paper presents an efficient pattern matching algorithm based on preprocessing of the pattern string by considering three consecutive characters of the text that immediately follow the aligned pattern window in an event of mismatch between pattern and text character.
High performance pattern search algorithm using three sliding windows
TLDR
An efficient pattern matching algorithm based on preprocessing of the pattern string by considering three consecutive characters of the text that immediately follow the aligned pattern window in an event of mismatch between pattern and text character is presented.
An Improved Pattern Matching Algorithm Based on BMHS
TLDR
The improved algorithm takes advantage of position information of the last character and its adjacent character in current attempt window to get bigger jump distance in each jump so to make the algorithm more efficient.
A Fast Pattern Matching Algorithm with Two Sliding Windows (TSW)
TLDR
The experimental results show that TSW algorithm is superior to other algorithms especially when the pattern occurs at the end of the text.
...
...

References

SHOWING 1-10 OF 18 REFERENCES
E2xB: A Domain-Specific String Matching Algorithm for Intrusion Detection
TLDR
E 2 xB is designed, a string matching algorithm that is tailored to the specific characteristics of NIDS string matching that improves NIDS performance by 10%–36%, while for certain ruleset and traffic patterns string matching performance can be improved by as much as a factor of three.
Exclusion-based Signature Matching for Intrusion Detection
TLDR
ExB is designed, a string matching algorithm tailored to the specific characteristics of NIDS string matching, and implemented in snort and experiments suggest that ExB offers improvements in overall system performance by as much as a factor of three.
Configurable string matching hardware for speeding up intrusion detection
TLDR
A configurable string matching accelerator is developed with the focus on increasing throughput while maintaining the configurability provided by the software IDSs.
Generating realistic workloads for network intrusion detection systems
TLDR
A workload model is developed that appears to provide reasonably accurate estimates compared to real workloads for nIDS performance evaluation and is implemented as part of a traffic generator that can be extended and tuned to reflect the needs of different scenarios.
Cost-based modeling for fraud and intrusion detection: results from the JAM project
TLDR
There is clear evidence that state-of-the-art commercial fraud detection systems can be substantially improved in stopping losses due to fraud by combining multiple models of fraudulent transaction shared among banks.
A fast string searching algorithm
TLDR
The algorithm has the unusual property that, in most cases, not all of the first <italic>i</italic) characters of a character string, “<italic>.” in another string, are inspected.
Algorithms and Theory of Computation Handbook
  • M. Atallah
  • Computer Science
    Chapman & Hall/CRC Applied Algorithms and Data Structures series
  • 1999
TLDR
This edition now covers external memory, parameterized, self-stabilizing, and pricing algorithms as well as the theories of algorithmic coding, privacy and anonymity, databases, computational games, and communication networks.
Practical fast searching in strings
TLDR
It is discovered that a method developed by Boyer and Moore can outperform even special‐purpose search instructions that may be built into the computer hardware for very short substrings.
A String Matching Algorithm Fast on the Average
...
...