Pattern Matching using Layered STRIFA for Intrusion Detection

Abstract

Abstract-- With the advent and explosive growth of the global Internet adaptive/automatic network intrusion and anomaly detection in wide area data networks is fast gaining critical research and practical importance. In order to detect intrusions in a network, need efficient IDS. Deep packet inspection (DPI) has the ability to inspect both packet headers and payloads to identify the attack signatures in order to protect Internet systems. Regular expression matching, despite its flexibility and efficiency in attack detection, brings high computation and storage complexities to NIDSs, making packet processing a bottleneck. Stride finite automata (StriFA), a new family of finite automata, to accelerate both string matching and regular expression matching with reduced memory consumption. To increase the efficiency of StriFA, a layered approach of attack detection by using KDD 99 DARPA dataset is integrated with StriFA. We demonstrate that attack detection accuracy can be achieved by using StriFA and high efficiency by implementing the Layere

Similar works

This paper was published in CiteSeerX.

Having an issue?

Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.