A Multiple Pattern Matching Scheme to Improve Rule Application Performance

Vol. 18, No. 3, pp. 79-88, Jun. 2008
10.13089/JKIISC.2008.18.3.79, Full Text:
Keywords: multiple pattern matching, rule application, Intrusion Detection
Abstract

On the internet, the NIDS(Network Intrusion Detection System) has been widely deployed to protect the internal network. The NIDS builds a set of rules with analysis results on illegal packets and filters them using the rules, thus protecting the internal system. The number of rules is ever increasing as the attacks are becoming more widespread and well organized these days. As a result, the performance degradation has been found severe in the rule application fer the NIDS. In this paper, we propose a multiple pattern matching scheme to improve rule application performance. Then we compare our algorithm with Wu-Mantel algorithm which is known to do high performance multi-pattern matching.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
J. Lee and H. Kim, "A Multiple Pattern Matching Scheme to Improve Rule Application Performance," Journal of The Korea Institute of Information Security and Cryptology, vol. 18, no. 3, pp. 79-88, 2008. DOI: 10.13089/JKIISC.2008.18.3.79.

[ACM Style]
Jae-Kook Lee and Hyong-Shik Kim. 2008. A Multiple Pattern Matching Scheme to Improve Rule Application Performance. Journal of The Korea Institute of Information Security and Cryptology, 18, 3, (2008), 79-88. DOI: 10.13089/JKIISC.2008.18.3.79.