Open Access  Subscription or Fee Access

A network intrusion detection system is used to monitor network traffic for security threats by scanning packet payloads flowing through the network. The traditional software alone pattern matching approaches used for network security cannot meet the high throughput of today’s networking. So to manage the increasing number of attack patterns and to meet the throughput requirements a successful network intrusion detection system must have a memory-efficient pattern-matching algorithm and hardware design. A Multiple string matching technique is used here and it can compare hundreds of string patterns simultaneously. The aho-Corasick algorithms used in nowadays can process only one input character at a time. But the newly proposed method is achieving 21% of memory reduction compared with Aho-Corasick algorithm. In addition to that a 24% reduction in memory can be achieved by integrating this approach to the bit split algorithm. Filtering and exact matching technique is also adopted here The main advantages of this technique are easy reconfigurability and scalability.

Aho–Corasick (AC) Algorithm, Finite Automata, Pattern Matching, Network Security

Cheng-Hung Lin, Member, Ieee, And Shih-Chieh Chang, , “ Efficient Pattern Matching Algorithmfor Memory Architecture” Ieee Transactions On Very Large Scale Integration (Vlsi) Systems, Vol. 19, No. 1, January 2011IEEE 2011

V. Aho and M. J. Corasick, “Efficient string matching: An AI to bibliographic search,” Commun. ACM, vol. 18, no. 6, pp. 333–340, 1975.

M. Aldwairi, T. Conte, and P. Franzon, “Configurable string matchinghardware for speeding up intrusion detection,”[4] Proc. . Alicherry, M. Muthuprasanna, and V. Kumar, “High speed patternmatching for network IDS/IPS,” in Proc. IEEE Int. Conf. Netw. Protocl(ICNP), 2006, pp.

B. Brodie, R. Cytron, and D. Taylor, “A scalable architecture forhigh-throughput regular-expression pattern matching,” in Proc. 33rdInt. Symp. Comput. Arch. (ISCA), 2006,

Z. K. Baker and V. K. Prasanna, “High-throughput linked-patternmatching for intrusion detection systems,” in Proc. Symp. Arch. forNetw. Commun. Syst. (ANCS), Oct. 2005, pp. 193–202.

Y. H. Cho and W. H. Mangione-Smith, “A pattern matching co-processr for network security,” in Proc. 42nd IEEE/ACM Des. Autom.Conf., Anaheim, CA, Jun. 13–17, 2005, pp. 234–239.

S. Dharmapurikar and J. Lockwood, “Fast and scalable patter matching for content filtering,” in Proc. Symp. Arch. for Netw.Commun. Syst. (ANCS), Oct. 2005, pp. 183–192.

A Scalable High-Performance Virus Detection Processor Against a Large Pattern Set for Embedded Network Security Chieh-Jen Cheng, Student Member, IEEE, Chao-Ching Wang, Member, IEEE, Wei-Chun Ku, Student Member, IEEE, Tien-Fu Chen, Member, IEEE, and Jinn-Shyan Wang, Member, IEEE ieee transactions on very large scale integration (vlsi) systems, vol. 20, no. 5, may 2012