Title :
Analyze and Improvement of BM Algorithm
Author :
Yang Tong ; Wang Si-si ; Qiao Xiang-dong ; Chen Qi
Author_Institution :
Telecommun. Eng. Inst., Air force Eng. Univ., Xi´an, China
Abstract :
When network is overload, snort spends a lot of time to matching rules. The algorithm determines the performance of intrusion detection system to a large extent. Snort adopts BM algorithm in default, in order to enhance the efficiency of network intrusion detection system which is based on snort, this paper analyzes BM algorithm firstly, and proposes an improved algorithm. Secondly, this thesis compares the two algorithms (BM algorithm and the improved BM algorithm) theoretically, and does a quantitative description of the extent of the improved BM algorithm according to the experimental results. Finally, the improve BM algorithm is applied to the network intrusion detection system, and have achieved good results.
Keywords :
security of data; string matching; BM algorithm improvement; Boyer-Moore algorithm; matching rules; network intrusion detection system; overload network; snort network; Algorithm design and analysis; Costs; Educational institutions; Inspection; Intrusion detection; Pattern analysis; Pattern matching; Protocols;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2009. WiCom '09. 5th International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-3692-7
Electronic_ISBN :
978-1-4244-3693-4
DOI :
10.1109/WICOM.2009.5302544
