Two Enhanced BM Algorithm in Pattern Matching

Data packet capturing and analysis are two of the most important components in the intrusion detection system (IDS). However the speed of data packet capture and analysis doesn´t match the network application, which causes a general problem in IDS and the ratio of data packet lost is quite high. Various intrusion detection technologies are widely used to solve this problem. In those technologies, the pattern matching based on knowledge is the most popular technology. It compares a series of attack characteristic with user´s activity that has already been discovered, and then intrusion will be detected. Its match speed affects the rate of drop packet, and false alarm, the accuracy and the real-time performance of system in a direct way. It plays an essential role in the efficiency of intrusion detection system. As network speed and capacity is growing rapid, it is necessary to improve the algorithm of pattern matching to follow the currency. This article describes a quite mature algorithm in the intrusion detection system-BM algorithm, based on which some improvements have been proposed.