A memory-efficient parallel string matching for intrusion detection systems

Hyunjin Kim, Hjhong Hong, Hong Sik Kim, S. Kang

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

As the variety of hazardous packet payload contents increases, the intrusion detection system (IDS) should be able to detect numerous patterns in real time. For this reason, this paper proposes an Aho-Corasick algorithm based parallel string matching. In order to balance memory usage between homogeneous finite-state machine (FSM) tiles for each string matcher, an optimal set of bit position groups is determined. Target patterns are sorted by binary-reflected gray code (BRGC), which reduces bit transitions in patterns mapped onto a string matcher. In the evaluations of Snort rules, the proposed string matching outperforms the existing bit-split string matching.

Original languageEnglish
Article number5353291
Pages (from-to)1004-1006
Number of pages3
JournalIEEE Communications Letters
Volume13
Issue number12
DOIs
Publication statusPublished - 2009 Dec

All Science Journal Classification (ASJC) codes

  • Modelling and Simulation
  • Computer Science Applications
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'A memory-efficient parallel string matching for intrusion detection systems'. Together they form a unique fingerprint.

  • Cite this