Fast multipattern search algorithms for intrusion detection

Authors:
Josué Kuri;Gonzalo Navarro;Ludovic Mé
Affiliations:
Dept. of Computer Science and Networks, ENST, 46, rue Barrault, 75634 Paris, France;Dept. of Computer Science, University of Chile, Blanco Encalada 2120, Santiago, Chile;Supélec. Campus de Rennes, France
Venue:
Fundamenta Informaticae - Special issue on computing patterns in strings
Year:
2002

Citing 18
Cited 2

Efficient text searching

Efficient text searching
A new approach to text searching

Communications of the ACM
Fast text searching: allowing errors

Communications of the ACM
A survey of intrusion detection techniques

Computers and Security
Classification and detection of computer intrusions

Classification and detection of computer intrusions
A comparison of approximate string matching algorithms

Software—Practice & Experience
Window-accumulated subsequence matching problem is linear

PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
A fast bit-vector algorithm for approximate string matching based on dynamic programming

Journal of the ACM (JACM)
A guided tour to approximate string matching

ACM Computing Surveys (CSUR)
NR-grep: a fast and flexible pattern-matching tool

Software—Practice & Experience
New and faster filters for multiple approximate string matching

Random Structures & Algorithms
Matchsimile: a flexible approximate matching tool for searching proper names

Journal of the American Society for Information Science and Technology
Text-Retrieval: Theory and Practice

Proceedings of the IFIP 12th World Computer Congress on Algorithms, Software, Architecture - Information Processing '92, Volume 1 - Volume I
Multiple Approximate String Matching

WADS '97 Proceedings of the 5th International Workshop on Algorithms and Data Structures
Approximate Multiple Strings Search

CPM '96 Proceedings of the 7th Annual Symposium on Combinatorial Pattern Matching
Episode Matching

CPM '97 Proceedings of the 8th Annual Symposium on Combinatorial Pattern Matching
Fast Multipattern Search Algorithms for Intrusion Detection

SPIRE '00 Proceedings of the Seventh International Symposium on String Processing Information Retrieval (SPIRE'00)
Self-Nonself Discrimination in a Computer

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy

Outlier detection by logic programming

ACM Transactions on Computational Logic (TOCL)
Nested Counters in Bit-Parallel String Matching

LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present new search algorithms to detect the occurrences of any pattern from a given pattern set in a text, allowing in the occurrences a limited number of spurious text characters among those of the pattern. This is a common requirement in intrusion detection applications. Our algorithms exploit the ability to represent the search state of one or more patterns in the bits of a single machine word and update all the search states in a single operation. We show analytically and experimentally that the algorithms are able of fast searching for large sets of patterns allowing a wide number of spurious characters, yielding in our machine about a 75-fold improvement over the classical dynamic programming algorithm.