An Efficient Automaton Based Matching Algorithm and Its Application in Intrusion Detection System
نویسندگان
چکیده
String matching is a classical problem in computer science. It’s essential for network content security applications, and the technique is widely applied in the pattern recognition, spelling checking, intrusion detection, worm containment, information security and so on. In this paper, a new algorithm is proposed to construct smallest suffix automaton to achieve high performance and efficient string matching. The suffix automaton construction on a set of strings is similar to the AC automaton construction. However, the difference of the smallest suffix automaton appears when going down the supply path looking for an outgoing transition. Experimental results show that the presented algorithm outperforms existing solutions in most cases.
منابع مشابه
A Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملImprovement and parallelization of Snort network intrusion detection mechanism using graphics processing unit
Nowadays, Network Intrusion Detection Systems (NIDS) are widely used to provide full security on computer networks. IDS are categorized into two primary types, including signature-based systems and anomaly-based systems. The former is more commonly used than the latter due to its lower error rate. The core of a signature-based IDS is the pattern matching. This process is inherently a computatio...
متن کاملA Flexible Pattern-Matching Algorithm for Network Intrusion Detection Systems Using Multi-Core Processors
As part of network security processes, network intrusion detection systems (NIDSs) determine whether incoming packets contain malicious patterns. Pattern matching, the key NIDS component, consumes large amounts of execution time. One of several trends involving general-purpose processors (GPPs) is their use in software-based NIDSs. In this paper, we describe our proposal for an efficient and fl...
متن کاملIntrusion Detection based on a Novel Hybrid Learning Approach
Information security and Intrusion Detection System (IDS) plays a critical role in the Internet. IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper ...
متن کاملAccurate Fruits Fault Detection in Agricultural Goods using an Efficient Algorithm
The main purpose of this paper was to introduce an efficient algorithm for fault identification in fruits images. First, input image was de-noised using the combination of Block Matching and 3D filtering (BM3D) and Principle Component Analysis (PCA) model. Afterward, in order to reduce the size of images and increase the execution speed, refined Discrete Cosine Transform (DCT) algorithm was uti...
متن کامل