상세정보
학술대회
A Fast Pattern-Matching Algorithm for Network Intrusion Detection System
- 저자
- 성정식, 강석민, 권택근
- 발행일
- 200605
- 출처
- International Conference on Research in Networking (Networking) 2006 (LNCS 3976), v.3976, pp.1157-1162
- 협약과제
- 06ZT1100, 광가입자망(FTTH)서비스 개발 실험사업, 김봉태
- 초록
- We present a multi-gigabit rate multiple pattern-matching algorithm with TCAM that enables protecting against malicious attacks in a high-speed network. The proposed algorithm significantly reduces the number of TCAM lookups per payload with m-byte jumping window scheme. Due to the reduced number of TCAM lookups, we can easily achieve multi-gigabit rate for scanning the packet payload in order to inspect the content. Furthermore, multi-packet inspection is achieved easily by the extended state transition diagram with the shifting distance. With experimental results, we have clearly justified the proposed algorithm works well for a multi-gigabit network intrusion detection system. © IFIP International Federation for Information Processing 2006.
- KSP 제안 키워드
- Extended state, High speed network, International federation, Intrusion detection system(IDS), Multi-Gigabit, Packet inspection, Packet payload, State transition diagram, information processing, malicious attacks, matching algorithm