| 一种改进的多模式匹配算法在Snort中的应用 |
| |
| 引用本文: | 王培凤,李莉.一种改进的多模式匹配算法在Snort中的应用[J].计算机科学,2012,39(2):72-74,79. |
| |
| 作者姓名: | 王培凤 李莉 |
| |
| 作者单位: | 北京科技大学计算机与通信工程学院 北京100083 |
| |
| 摘 要: | 模式匹配算法是入侵检测系统的重要组成部分。为进一步提高入侵检测系统的性能和效率,提出一种新的多模式匹配算法——完全自动机匹配算法(CA-AC算法),并将其应用于入侵检测系统Snort中。该算法是对Aho-Corasick算法的改进,根据新算法进行状态转换使得自动机状态减少,相应节约了存储空间。分析了算法的复杂度。实验表明,完全自动机算法在Snort中的应用改进了算法的性能,提高了Snort系统的规则检测效率。
|
| 关 键 词: | AC算法 完全自动机 入侵检测 字符串匹配 Snort |
Application of an Improved Multi-pattern Matching Algorithm in Snort |
| |
| WANG Pei-feng
,
LI Li.Application of an Improved Multi-pattern Matching Algorithm in Snort[J].Computer Science,2012,39(2):72-74,79. |
| |
| Authors: | WANG Pei-feng LI Li |
| |
| Affiliation: | WANG Pei-feng LI Li (School of Computer and Communication Engineering,University of Science and Technology Beijing,Beijing 100083,China) |
| |
| Abstract: | Pattern matching algorithm is an important component of intrusion detection system.In order to improve the performance and efficiency of the intrusion detection system,a new complete automatic matching algorithm(CA-AC algorithm) was proposed and applied to the Snort intrusion detection system.The algorithm was based on Aho-Corasick algorithm.State transitions in the new algorithm make the number of automaton state decreased,and reduce the memory requirement.The complexity of the algorithm was analyzed.Experimental results show that the application of complete automatic matching algorithm in Snort improves algorithm’s performance and improves the rules detection efficiency of Snort system. |
| |
| Keywords: | AC algorithm Complete automata Intrusion detection String matching Snort |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
