
Efficient multi-pattern matching algorithm for Web intrusion detection systems (cited by: 5)
Abstract: To address false matching of attack patterns and poor time and space efficiency in Web intrusion detection systems (IDSs), this paper proposes an efficient multi-pattern matching algorithm called MPMA. MPMA builds a comparison tree in which every node records the character position at which the next comparison should be made, which improves comparison efficiency, and it uses (pattern, offset) pairs to search for patterns that may match. Detailed experimental results and comparison with existing algorithms show that the proposed MPMA not only fits Web IDSs but also outperforms current state-of-the-art schemes in terms of time efficiency, space efficiency and matching ratio.
Source: Application Research of Computers (《计算机应用研究》), CSCD, Peking University Core Journal, 2009, Issue 4, pp. 1528-1531 (4 pages)
Funding: Natural Science Foundation of Zhejiang Province (Y106176)
Keywords: intrusion detection systems (IDS); multi-pattern matching; Web

