EFFICIENT MULTIPLE PATTERN MATCHING ALGORITHMS FOR NETWORK INTRUSION DETECTION SYSTEMS
Multiple pattern matching algorithms are essential engines of Network Intrusion Detection Systems (NIDSs) to inspect packets for occurrences of malicious patterns. For a set of patterns, the multiple pattern matching algorithms usually build a trie data structure. In this paper, we propose efficient implementations of the multiple pattern matching algorithms widely used in NIDSs by using a linearized compact trie. This linearized compact trie is an array representation of a compact trie and guarantees a size linear to the number of patterns with little loss of lookup time. Thus, our implementations achieve compact sizes with fast time, so it is useful to hardware embedding and cache exploiting.
trie multiple pattern matching Aho-Corasick u-Manber network intrusion detection
Sunho Lee Dong Kyue Kim
Department of Electronics and Communications Engineering, Hanyang University, Seoul
国际会议
北京
英文
609-613
2009-11-06(万方平台首次上网日期,不代表论文的发表时间)