Skip to main content
Book

Security Technology

  • Wu C
  • Yin J
  • Cai Z
  • et al.
DOI: 10.1007/978-3-642-10847-1
N/ACitations
Citations of this article
6Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Multi-pattern search is a time-consuming task in Network Intrusion Detection Systems(NIDS). The processing ability of NIDS cannot catch up with the rapid development of network bandwidth. One intuitive idea is to use pre-filtering to reduce the workload of NIDS. Our goal is to design a novel method for per-filtering which will be ready for an efficient implementation on many-core GPU. Through statistical analysis, we propose a rudimentary method to use 2B ASCII sub patterns as the filter keywords. To reduce the size of the filter keyword set, we use Binary Integer Linear Programming(BILP) for optimization. The number of filter keywords is reduced from 4824 to 362, which is also much smaller then the prefix based and suffix based method. We argue that our method can well utilize the computation power of GPU. Experiments demonstrate that our pre-filter can achieve a good fiter ratio, thus alleviate the burden of NIDS.

Author supplied keywords

Cite

CITATION STYLE

APA

Wu, C., Yin, J., Cai, Z., Zhu, E., Cheng, J., Ślęzak, D., … Arnett, K. P. (2009). Security Technology. (D. Ślęzak, T. Kim, W.-C. Fang, & K. P. Arnett, Eds.) (Vol. 58, pp. 298–305). Berlin, Heidelberg: Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-10847-1

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free