Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
JSAC
2006
2006
A Memory-Efficient Parallel String Matching Architecture for High-Speed Intrusion Detection
The ability to inspect both packet headers and payloads to identify attack signatures makes network intrusion detection system (NIDS) a promising approach to protect Internet systems. Since most of the known attacks can be represented with strings or combinations of multiple substrings, string matching is a key component, as well as the bottleneck in NIDS to address the requirement of constantly increasing capacity. We propose a memory-efficient multiple-character-approaching architecture consisting of multiple parallel deterministic finite automata (DFAs), called TDP-DFA. By employing efficient representations for the transition rules in each DFA, TDP-DFA significantly reduces the complexity. We also present a novel scheme to share the storage of transition rules among multiple DFAs, substantially decreasing the total storage cost, and avoiding the cost increase being proportional to the number of DFAs. We evaluate this design through theoretical analysis and comprehensive experiments...
Real-time TrafficJSAC 2006 | Memory-efficient Multiple-character-approaching Architecture | Network Intrusion Detection | Transition Rules |
Related Content
| Added | 13 Dec 2010 |
| Updated | 13 Dec 2010 |
| Type | Journal |
| Year | 2006 |
| Where | JSAC |
| Authors | Hongbin Lu, Kai Zheng, Bin Liu, Xin Zhang, Y. Liu |
Comments (0)
Researcher Info
|
