| Patten matching is a core algorithm which is widely used in Network Intrusion Detection System, So it has a directly influence on the performance of the real-time Intrusion Detection System(IDS). This paper mainly introduced the basic principle of the IDS and the application of patten matching in the system. The research on Patten matching algorithm has been made and existing algorithm has been analysied. Some of the most important algorithm such as single patterning matching algorithm:BM algorithm,KMP algorithm and RK algorithm, multiple patterning matching algorithm: AC algorithm and AC-BM algorithm.An intrusion detection system is built based on the basic structure of network intrusion detection system. The functions of data collection, data analysis and data matching used pattern matching algorithms are realized to verify the performance of the various patterns matching algorithm. The improved methods are proposed based on BP algorithm and AC-BM algorithm. The improved BP algorithm determined the first place which the last patten character and the character next to the bad character appeard in the patten string or if existed and unique.Recalculated the offset according to the determination, increased the moving distance of the patten string and decreased the numbers of comparisons, finally improved the efficiency. The improved AC-BM algorithm mainly based on BM algorithm, increased the moving distance as much as possible. During the process, the patten tree formed of multiple patterning strings is moved. Simultaneously tactics of bad character and good character moves has been used. The experimental results shows that the performance of the algorithm greatly improved because of omitting some unnecessary moves. |
PDF Full Text Request