摘要
针对W eb入侵检测系统中存在的攻击模式误匹配与效率问题,提出了一种高效的多模式匹配算法MPMA。MPMA通过构建比较树,并在比较树的每个节点中记录下次比较的字符位置以提高比较效率,并利用(模式,偏移)信息对来搜索可能符合的匹配模式。详细的实验以及与现有算法的比较表明,提出的MPMA不仅适合于W eb入侵检测系统,同时在时间、空间和匹配率性能上具有更高的效率。
To overcome the defects of false pattern matching and time-and-space efficiency in Web intrusion detection systems (IDSs), this paper proposed an efficient multi-pattern matching algorithm called MPMA. With building comparison tree, every tree node had a position value which could tell you where an octet comparison should be made next, and MPMA used(pattern, offset) pair to find possible matching patterns. Detailed experimental results and comparison with existed algorithms prove that the proposed MPMA not only fits Web IDS, but also outperforms current state-of-the-art schemes in terms of time efficiency, space efficiency and matching ratio.
出处
《计算机应用研究》
CSCD
北大核心
2009年第4期1528-1531,共4页
Application Research of Computers
基金
浙江省自然科学基金资助项目(Y106176)
关键词
入侵检测系统
多模式匹配
WEB
intrusion detection systems(IDS)
muhi-pattern matching
Web