ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Conference Paper A Fast Pattern-Matching Algorithm for Network Intrusion Detection System
Cited 2 time in scopus Download 1 time Share share facebook twitter linkedin kakaostory
Authors
Jung Sik Sung, Seok Min Kang, Taeck Geun Kwon
Issue Date
2006-05
Citation
International Conference on Research in Networking (Networking) 2006 (LNCS 3976), v.3976, pp.1157-1162
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1007/11753810_102
Project Code
06ZT1100, Experimental Project for FTTH Service Development, Kim Bong Tae
Abstract
We present a multi-gigabit rate multiple pattern-matching algorithm with TCAM that enables protecting against malicious attacks in a high-speed network. The proposed algorithm significantly reduces the number of TCAM lookups per payload with m-byte jumping window scheme. Due to the reduced number of TCAM lookups, we can easily achieve multi-gigabit rate for scanning the packet payload in order to inspect the content. Furthermore, multi-packet inspection is achieved easily by the extended state transition diagram with the shifting distance. With experimental results, we have clearly justified the proposed algorithm works well for a multi-gigabit network intrusion detection system. © IFIP International Federation for Information Processing 2006.
KSP Keywords
Extended state, High speed network, International federation, Intrusion detection system(IDS), Multi-Gigabit, Packet inspection, Packet payload, State transition diagram, information processing, malicious attacks, matching algorithm