Skip to main content
SpringerLink
Log in

The Improved AC High-Performance Pattern-Matching Algorithm for Intrusion Detection

  • Conference paper
Book cover Web Technologies and Applications (APWeb 2014)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 8710))

Included in the following conference series:

Abstract

Network Intrusion Detection Systems (NIDS) have become widely recognized as powerful tools for identifying, deterring and deflecting malicious attacks over the network. New generations of network intrusion detection systems create the need for advanced pattern-matching engines. This paper proposes an improved AC algorithm, called Semi-AC. We contribute modifications to the Aho-Corasick string-matching algorithm that drastically reduce the amount of memory required. Its efficiency is close to the standard AC, but the space is saved 50% or more.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Antonatos, S., Anagnostakis, K.G., Markatos, E.P.: Generating realistic workloads for network intrusion detection systems. In: ACM Workshop on Software and Performance (2004)

    Google Scholar 

  2. Aho, A., Corasick, M.: Efficient string matching: An aid to bibliographic search. CACM 18(6), 333–340 (1975)

    Article  MATH  MathSciNet  Google Scholar 

  3. Knuth, D.E., Moms, J.H., Pratt, V.R.: Fast pattern matching in strings. SIAMJ. Compt. 6(2), 323–350 (1977)

    Article  MATH  Google Scholar 

  4. Arikawa, S., Shinohara, T.: A run-time efficient realization of aho-corasick pattern matching machines. New Generation Computing 2(2), 171–186 (1984)

    Article  Google Scholar 

  5. Snort users manual 2.6.0 (2006)

    Google Scholar 

  6. Tuck, N., Sherwood, T., Calder, B., Varghese, G.: Deterministic memory-efficient string matching algorithms for intrusion detection. In: INFOCOM (2004)

    Google Scholar 

  7. Fukamachi, S., Shinohara, T., Takeda, M.: String pattem matching for compressed data using variable length codes(in japanese). Jouhougaku Symposium (1992)

    Google Scholar 

  8. Huffman, D.A.: A method for the construction of minimum-Redundancy codes. In: Proc. IRE, vol. 40, pp. 1098–1101 (1952)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Harbin Institute of Technology, Harbin, China

    Dongliang Xu, Hongli Zhang & Miao Hou

Authors
  1. Dongliang Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hongli Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Miao Hou
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computer Science, National University of Defense Technology, 410073, Changsha, China

    Weihong Han

  2. School of Information Technology & Electrical Engineering, University of Queensland, 4107, Brisbane, QLD, Australia

    Zi Huang

  3. School of Computer and Communication Engineering, University of Science and Technology Beijing, 100083, Beijing, China

    Changjun Hu

  4. School of Computer Science and Technology, Harbin Institute of Technology, 150006, Harbin, China

    Hongli Zhang

  5. Institute of Information Engineering, Chinese Academy of Sciences, 100864, Beijing, China

    Li Guo

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Xu, D., Zhang, H., Hou, M. (2014). The Improved AC High-Performance Pattern-Matching Algorithm for Intrusion Detection. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds) Web Technologies and Applications. APWeb 2014. Lecture Notes in Computer Science, vol 8710. Springer, Cham. https://doi.org/10.1007/978-3-319-11119-3_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-11119-3_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11118-6

  • Online ISBN: 978-3-319-11119-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation