Title :
Efficient multiple pattern matching algorithms for Network Intrusion Detection Systems
Author :
Lee, Sunho ; Kim, Dong Kyue
Author_Institution :
Dept. of Electron. & Commun. Eng., Hanyang Univ., Seoul, South Korea
Abstract :
Multiple pattern matching algorithms are essential engines of network intrusion detection systems (NIDSs) to inspect packets for occurrences of malicious patterns. For a set of patterns, the multiple pattern matching algorithms usually build a trie data structure. In this paper, we propose efficient implementations of the multiple pattern matching algorithms widely used in NIDSs by using a linearized compact trie. This linearized compact trie is an array representation of a compact trie and guarantees a size linear to the number of patterns with little loss of lookup time. Thus, our implementations achieve compact sizes with fast time, so it is useful to hardware embedding and cache exploiting.
Keywords :
pattern matching; safety systems; security of data; tree data structures; cache exploiting; hardware embedding; linearized compact trie; malicious patterns; multiple pattern matching algorithms; network intrusion detection systems; packets inspection; trie data structure; Adaptive arrays; Data structures; Embedded software; Engines; Hardware; Hydrogen; Intrusion detection; Merging; Pattern matching; Telephony; Aho-Corasick; Wu-Manber; multiple pattern matching; network intrusion detection; trie;
Conference_Titel :
Network Infrastructure and Digital Content, 2009. IC-NIDC 2009. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-4898-2
Electronic_ISBN :
978-1-4244-4900-6
DOI :
10.1109/ICNIDC.2009.5360944
