Proceedings Article10.1109/ICICISYS.2010.5658784
An improved multiple patterns matching algorithm for intrusion detection
Zhengqiang
- 06 Dec 2010
- Vol. 2, pp 124-127
17
TL;DR: Experimental results show that when pattern group contains a pattern that is less than three bytes, the performance of the improved Wu- manber algorithm is much better than the traditional Wu-Manber algorithm.
read more
Abstract: Pattern matching algorithm is one of the Core algorithms in the detection engine of the intrusion prevention system. Efficiency of the intrusion prevention system is determined by pattern matching algorithm. A survey of the pattern matching algorithm is described in this thesis. The Wu-Manber algorithm which is one of the multi-pattern matching algorithm is explained in detail and the improvement of the Wu-Manber algorithm is presented to improve the efficiency. By dividing the pattern group into two subgroups and dealing with the two subgroups in different methods, the QWM algorithm enhanced the efficiency of pattern matching. Experimental results show that when pattern group contains a pattern that is less than three bytes, the performance of the improved Wu-Manber algorithm is much better than the traditional Wu-Manber algorithm.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
A survey of pattern matching algorithm in intrusion detection system
Hossein Gharaee,Shokoufeh Seifi,Nima Monsefan +2 more
- 01 Sep 2014
TL;DR: This article tries to recognize and choose the best algorithms for pattern compatibility operation by surveying, implementing and also collecting all kinds of pattern matching methods so that the best conclusion is reached during matching known attacks with main patterns.
11
Shift-based pattern matching for compressed web traffic
Anat Bremler-Barr,Yaron Koral,Victor Zigdon +2 more
- 04 Jul 2011
TL;DR: A novel algorithm, SPC (Shift-based Pattern matching for Compressed traffic) that accelerates the commonly used Wu-Manber pattern matching algorithm, which is simpler and has higher throughput and lower storage overhead than ACCH.
Detecting very large sets of referenced files at 40/100 GbE, especially MP4 files
TL;DR: This work proposes a parallel implementation of the max-hashing algorithm that enables the detection of millions of referenced files by deep packet inspection over high bandwidth connections and a method to extract high-entropy signatures from MP4 files compatible with themax-hashes algorithm in order to have low false positive rates.
3
Accelerating Pattern Matching Using a Novel Multi-Pattern-Matching Algorithm on GPU
M. Çelebi,Uraz Yavanoglu +1 more
TL;DR: In this paper , a multi-pattern-matching algorithm was proposed to reduce the memory space and time required in the DPI pattern matching compared to traditional automaton-based algorithms with its ability to process more than one packet payload character at once.
2
References
A fast string searching algorithm
TL;DR: The algorithm has the unusual property that, in most cases, not all of the first i.” in another string, are inspected.
New string matching technology for network security
Yuebin Bai,H. Kobayashi +1 more
- 27 Mar 2003
TL;DR: On a basis of Boyer-Moore-Horspool algorithm, a new string matching algorithm is presented in this paper and test results show that the algorithm has better performance than Boyers-Moore algorithm and Boyer, Moore, and Horspool, and more simple and efficient.
15
•Journal Article
The Performance Analysis of Wu-Manber Algorithm and its Improvement
TL;DR: An improvement to the Wu-Manber algorithm is provided to solve the problem of performance falling when the patterns are very short, and the experiment data show that the performance of the improved Wu- manber algorithms is much better than the traditional Wu- Manber algorithm.
3
•Journal Article
Improved multiple patterns string matching algorithm
TL;DR: A faster algorithm for performing multiple patterns matching in a string was proposed on the basis of Aho-Corasick (AC) algorithm, which achieves excellent performance in the cases of both short patterns and long patterns.
1