A Survey of Software-based String Matching Algorithms for Forensic Analysis

Employing a fast string matching algorithm is essential for minimizing the overhead of extracting structured files from a raw disk image. In this paper, we summarize the concept, implementation, and main features of ten software-based string matching algorithms, and evaluate their applicability for forensic analysis. We provide comparisons between the selected software-based string matching algorithms from the perspective of forensic analysis by conducting their performance evaluation for file carving. According to the experimental results, the Shift-Or algorithm (R. Baeza-Yates & Gonnet, 1992) and the Karp-Rabin algorithm (Karp & Rabin, 1987) have the minimized search time for identifying the locations of specified headers and footers in the target disk. Keywords: string matching algorithm, forensic analysis, file carving, Scalpel, data recover

Advanced Searching Algorithms and its Behavior on Text Structures

This research investigates the behavior of the Boyer-Moore-Horspool (BMH) and the Boyer-Moore-Raita (BMR) string-matching algorithms using multilingual texts. The performance is computed based on searching for patterns in master strings. Experiments are conducted using a number of pattern lengths with many experiments repetition. The experimental results show that on average the number of comparisons per character passed in the case of the BMR is less than the number encountered by the BMH variant. The improvement is due to properties of the text structures. These experiments may lead to more theoretical and practical studies to develop new variants of algorithms. Using multilingual text structures provide more insight into the theory and structure of algorithms as multilingual text structures have different set of characters and dependencies, and the character properties have different type of structures. Since many applications of today depend on searching algorithms, therefore researchers need to explore every possibility that lead to improving the efficiency of searching and matching mechanisms. The time performance of exact string pattern matching can be greatly improved if an efficient algorithm is used. Considering, for example, the growing amount of text handled in the electronic patient records, it is worth and essential, in these cases and others, to searching for an efficient algorithm to deal with such huge items of information. Keywords: Matching, Boyer-Moore, Raita algorithm, Searching, multilingua

Performance Study of the Running Times of well known Pattern Matching Algorithms for Signature-based Intrusion Detection Systems

Intrusion detection system (IDS) is the basic component of any network defense scheme. Signature based intrusion detection techniques are widely used in networks for fast response to detect threats. One of the main challenges faced by signature-based IDS is that every signature requires an entry in the database, and so a complete database might contain hundreds or even thousands of entries. Each packet is to be compared with all the entries in the database. This can be highly resource-consuming and doing so will slow down the throughput and making the IDS vulnerable. Since pattern matching computations dominate in the overall performance of a Signature-based IDS, efficient pattern matching algorithms should be used which use minimal computer storage and which minimize the searching response time. In this paper we present a performance study of the running times of different well known pattern matching algorithms using multiple sliding windows approach. DOI: 10.17762/ijritcc2321-8169.150613

Approximate string matching with reduced alphabet

Peer reviewe