| IDS中新的快速多模式匹配算法及其设计 |
| |
| 引用本文: | 宋明秋,张国权,邓贵仕.IDS中新的快速多模式匹配算法及其设计[J].大连理工大学学报,2006,46(4):594-601. |
| |
| 作者姓名: | 宋明秋 张国权 邓贵仕 |
| |
| 作者单位: | 大连理工大学,系统工程研究所,辽宁,大连,116024 |
| |
| 摘 要: | 网络入侵检测依赖于字符串匹配技术.尽管各种有效的字符串匹配技术不断被使用,但字符串匹配过程的消耗仍是入侵监测系统运行的主要系统开销.为了提高入侵监测系统的运行效率和运算能力,提出并设计了新的字符串匹配算法(NMSA).算法采用新的匹配思想,应用启发函数获得优于BM移动步长的新的跳跃,同时采用有限状态模式匹配自动机可同时进行多模式匹配.将算法应用于Snort系统,并和其他算法进行比较,实验证明NMSA整体上提高了系统的效率.
|
| 关 键 词: | 入侵检测 多模式匹配 |
| 文章编号: | 1000-8608(2006)04-0594-08 |
| 收稿时间: | 2005-01-10 |
| 修稿时间: | 2005-01-102006-06-01 |
A new faster multi-pattern matching algorithm and design in IDS |
| |
| SONG Ming-qiu,ZHANG Guo-quan,DENG Gui-shi.A new faster multi-pattern matching algorithm and design in IDS[J].Journal of Dalian University of Technology,2006,46(4):594-601. |
| |
| Authors: | SONG Ming-qiu ZHANG Guo-quan DENG Gui-shi |
| |
| Institution: | Syst. Eng. Inst., Dalian Univ. of Technol., Dalian 116024, China |
| |
| Abstract: | Intrusion Detection System(IDS) often relies on string matching techniques.String matching computations dominate the overall cost of running a IDS,despite the use of efficient general-purpose string matching algorithms.In order to increase the efficiency and capacity of IDS,a new matching string algorithm(NMSA) is designed,which applies both of a new matching idea in the heuristic function to gain longer forward step,and the finite state automaton to carry on multi-pattern matching simultaneously.Then after the implementation of NMSA in Snort, the experiments for comparing NMSA with the best alternative solution are given,which prove that NMSA offers improvements in overall system performance. |
| |
| Keywords: | NMSA intrusion detection multi-pattern matching NMSA |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
