
Fast Pattern Matching Approach for Intrusion Detection Systems

  • Conference paper
Emerging Research in Electronics, Computer Science and Technology

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 248))

  • 2249 Accesses

Abstract

An intrusion detection system (IDS) consists of a set of techniques and methods for collecting packets from a host system or network and analyzing those packets for anomalous content. IDSs mainly fall into two categories: signature-based IDSs and anomaly detection systems. A rule-based IDS compares incoming packets against a rule set in order to detect intrusions. A common approach is to build rule trees or finite automata from the rule set and traverse them using a packet as the input string. Pattern matching accounts for 30–60 % of the total processing time of a signature-based IDS [1]. Existing signature-based IDSs cannot meet the speed demands imposed by both high network speeds and the increasing number of signatures, and more CPU time is spent searching for rules that match each packet. In this paper, we present an analysis of IDSs combined with other methods and techniques to produce better results and hence contribute to the improvement of IDSs.


References

  1. Aldwairi M, Alansari D (2011) Exscind: Fast pattern matching for intrusion detection using exclusion and inclusion filters. IEEE

  2. Song H, Dharmapurikar S, Turner J, Lockwood J (2005) Fast hash table lookup using extended Bloom filter: an aid to network processing. In: SIGCOMM proceedings on conference on applications, technologies, architectures, and protocols for computer communications

  3. Dharmapurikar S, Lockwood J (2006) Fast and scalable pattern matching for network intrusion detection systems. Sel Areas Commun IEEE J 24(10):1781–1792

  4. Chaudhary D (2010) Parallel processing of bloom filter. Int J Electron Eng Res

  5. Anagnostakis K, Antonatos S, Markatos E, Polychronakis M (2003) E2xB: a domain-specific string matching algorithm for intrusion detection. In: the proceedings 18th IFIP international information security conference (SEC)

  6. Chen Z, Zhang Y, Chen Z, Delis A (2009) A digest and pattern matching-based intrusion detection engine. Comput J 52(6):699–723

  7. Ramakrishnan K, Nikhil T, Jignesh M (2010) SigMatch: fast and scalable multi-pattern matching. In: 36th international conference on very large data bases (PVLDB)

  8. http://www.sourcefire.com/security-technologies/open-source

  9. Aho A, Corasick M (1975) Efficient string matching: An aid to bibliographic search. Commun ACM 18(6):333. doi:10.1145/360825.360855

  10. Knuth DE, Morris JH, Pratt VR (1977) Fast pattern matching in strings. SIAM J Comput 6(2):323

  11. Wu S, Manber U (1992) Agrep—A fast approximate pattern-matching tool. In: Proceedings USENIX Winter 1992 technical conference, San Francisco, pp 153–162

  12. Commentz-Walter B (1979) A string matching algorithm fast on the average. In: Proceedings of the 6th colloquium on automata, languages and programming, Springer, London, UK, pp 118–132

  13. Bloom B (1979) Space/time trade-offs in hash coding with allowable errors. Commun ACM

Acknowledgements

This project is financially supported by DRDO sponsored project titled Machine Learning Techniques for Data Mining-Based Intrusion Detection Systems (Ref. No.: ERIPR/ER/0705066/M/01/1256) to Dr. Srinivasa K G, Professor, Department of Computer Science and Engineering, M S Ramaiah Institute of Technology, Bangalore, India. We acknowledge Dr. T V Suresh Kumar, Dr. K Rajanikanth, Dr. D E Geetha, Mrs. Mrunalini M, and Mr. Manish Kumar for their kind support.

Author information

Correspondence to M. Manjunath.

Copyright information

© 2014 Springer India

About this paper

Cite this paper

Manjunath, M., Srinivasa, K.G., Muppalla, A.K. (2014). Fast Pattern Matching Approach for Intrusion Detection Systems. In: Sridhar, V., Sheshadri, H., Padma, M. (eds) Emerging Research in Electronics, Computer Science and Technology. Lecture Notes in Electrical Engineering, vol 248. Springer, New Delhi. https://doi.org/10.1007/978-81-322-1157-0_39

  • DOI: https://doi.org/10.1007/978-81-322-1157-0_39

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-1156-3

  • Online ISBN: 978-81-322-1157-0

  • eBook Packages: Engineering, Engineering (R0)
