| The Internet has developed rapidly and has penetrated into all levels of society since its birth. The Internet has brought great convenience to our work and daily life. Meanwhile, it also confronts us with increasingly prominent network security issues. As a proactive process to keep the information in security, intrusion detection measures to compensate for the [0]deficiency of traditional security protection technology effectively. Pattern-matching algorithms is one of the major technical difficulties in intrusion detection technology. The pros and cons of pattern matching algorithms have a direct impact on the detection efficiency of intrusion detection systems.This dissertation studies the current status and the development trend of the intrusion detection system, analyses the main technologies related to intrusion detection, makes discussions on several classic pattern-matching algorithms, and their theoretical foundations. This dissertation places its emphasis on the research on the BMH algorithm, and furthermore, presents an improved algorithm (IBHM) based on the BMH algorithm, The IBMH algorithm is to take a text string of two consecutive characters in the offset calculation, so the possibility of a pattern string with the greatest amount of movement likely to shift to the right has increased. The experimental results show that the IBMH algorithm can effectively reduce the times of string matching in order to improve the pattern matching speed.This dissertation also makes a deep study on the deployment method and system structure of the well-known open-source intrusion detection system Snort. Besides, this dissertation reports the practicing of IBMH by implanting IBMH algorithm to replace the original BM algorithm of the Snort system, the results show that IBMH algorithm can improve the Snort's detection efficiency to certain extent. |
PDF Full Text Request