会议专题

EFFICIENT MULTIPLE PATTERN MATCHING ALGORITHMS FOR NETWORK INTRUSION DETECTION SYSTEMS

Multiple pattern matching algorithms are essential engines of Network Intrusion Detection Systems (NIDSs) to inspect packets for occurrences of malicious patterns. For a set of patterns, the multiple pattern matching algorithms usually build a trie data structure. In this paper, we propose efficient implementations of the multiple pattern matching algorithms widely used in NIDSs by using a linearized compact trie. This linearized compact trie is an array representation of a compact trie and guarantees a size linear to the number of patterns with little loss of lookup time. Thus, our implementations achieve compact sizes with fast time, so it is useful to hardware embedding and cache exploiting.

trie multiple pattern matching Aho-Corasick u-Manber network intrusion detection

Sunho Lee Dong Kyue Kim

Department of Electronics and Communications Engineering, Hanyang University, Seoul

国际会议

2009 IEEE International Conference on Network Infrastructure and Digital Content(2009年IEEE网络基础设施与数字内容国际会议 IEEE IC-NIDC2009)

北京

英文

609-613

2009-11-06(万方平台首次上网日期,不代表论文的发表时间)