Abstract
Network Intrusion Detection Systems (NIDS) have become widely recognized as powerful tools for identifying, deterring and deflecting malicious attacks over the network. New generations of network intrusion detection systems create the need for advanced pattern-matching engines. This paper proposes an improved AC algorithm, called Semi-AC. We contribute modifications to the Aho-Corasick string-matching algorithm that drastically reduce the amount of memory required. Its efficiency is close to the standard AC, but the space is saved 50% or more.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Antonatos, S., Anagnostakis, K.G., Markatos, E.P.: Generating realistic workloads for network intrusion detection systems. In: ACM Workshop on Software and Performance (2004)
Aho, A., Corasick, M.: Efficient string matching: An aid to bibliographic search. CACM 18(6), 333–340 (1975)
Knuth, D.E., Moms, J.H., Pratt, V.R.: Fast pattern matching in strings. SIAMJ. Compt. 6(2), 323–350 (1977)
Arikawa, S., Shinohara, T.: A run-time efficient realization of aho-corasick pattern matching machines. New Generation Computing 2(2), 171–186 (1984)
Snort users manual 2.6.0 (2006)
Tuck, N., Sherwood, T., Calder, B., Varghese, G.: Deterministic memory-efficient string matching algorithms for intrusion detection. In: INFOCOM (2004)
Fukamachi, S., Shinohara, T., Takeda, M.: String pattem matching for compressed data using variable length codes(in japanese). Jouhougaku Symposium (1992)
Huffman, D.A.: A method for the construction of minimum-Redundancy codes. In: Proc. IRE, vol. 40, pp. 1098–1101 (1952)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Xu, D., Zhang, H., Hou, M. (2014). The Improved AC High-Performance Pattern-Matching Algorithm for Intrusion Detection. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds) Web Technologies and Applications. APWeb 2014. Lecture Notes in Computer Science, vol 8710. Springer, Cham. https://doi.org/10.1007/978-3-319-11119-3_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-11119-3_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11118-6
Online ISBN: 978-3-319-11119-3
eBook Packages: Computer ScienceComputer Science (R0)