| Internet is widely used now, the birth of a series of Internet-related applications, such as online shopping, online banking, which makes network security issues become more and more prominent, and how to improve the network security has become heavy in the field of security technology research in the weight. Intrusion Detection System (IDS) is defined as malicious behavior analysis and processing system to protect computer and network resources. Intrusion detection technology is a complement to firewalls and other traditional security technologies, it not only prevent the intrusion of the outside of the system, but also respond to treatment for internal unauthorized behavior. Pattern-matching algorithm belongs to one of the core technology In the Intrusion detection systems. The performance efficiency of the system depends largely on the efficiency of the pattern matching algorithm. Relative to some well-known intrusion detection system (like Ragon, Bro, etc.), Snort system is free and open source, widely used by developer of intrusion detection system, and the method inspected in the Snort system can be ported to other IDS. In-depth study of the subject of the pattern matching algorithm used in Snort, Simultaneous analysis of some existing algorithm for single-mode and multi-mode matching algorithm, then Propose improvement ideas for BMHS_W algorithm shortcomings and Improvement ideas for the shortcomings of the N-BMHS algorithm. Finally, proposed new algorithm (BCB algorithm). Through experiments validate the correctness of both improvement ideas as well as the performance of the new algorithm, the experiment proved the effectiveness of the improvement, Also verify the efficiency of the new algorithm has been significantly improved. |
PDF Full Text Request