| It is a key issue that many technologies of information have to deal with,especially used in intrusion detection. It has been developed for a lot of years.Now, some classical algorithms have been used widely in many intrusion detectionsystems. But there have been some blemishes in these algorithms. For this reasonresearching in this field is still valuable. This article gets a few newconclusions based on the results of former researchers, and we have made analgorithm according to these new conclusions of this article come true. And,we prove the conclusions to be correct. In the end, we use a great deal of datasto test the new algorithm.Until now any of strings matching algorithms is not perfect, but people havegot some limits of this kind of algorithm in theroy. So the new algorithm is notperfect but improved on the base of former people. We make the new algorithmmore fit to multi pattern parallel matching. When the new pattern strings hasto add for matching in the same text, this algroithm will give a good show ofits effect.In fact, this article do four work as blow:1) We bring a theorem named splitted theorem forward. This theorem show thata text can be splitted into sub_text which is smaller than the text, bynever_appeared_in_patterns characters.2) We bring a theorem named sampling theorem forward. This theorem show thata text can be matched by samples which could be sampled from the text. To usethis theorem we must prove the length between any two samples is not longer thanthat of the pattern which will be matched.3) We make the sampling theorem into truth. According to the theorem, wemake an algorithm named sample_algorithm that can be used to strings matching.4) We use the sample_algorithm into the engine of intrusion detection, andimprove the detection efficiency. |
PDF Full Text Request