摘要
入侵检测系统当中,匹配算法运行的速度是至关重要的。为提高模式匹配的速度和准确度,在协议分析和传统的模式匹配技术的基础上,提出了一种基于中国剩余定理的快速字符串匹配算法,通过一个散列函数,把模式串和文本串分别转化为一对整数进行匹配,并给出了整数对和字符串之间一一对应关系的理论证明。实验结果表明,与传统的单模匹配算法和多模匹配算法相比,该算法有一定程度的优越性,在处理网络数据匹配检测方面是很有效的。
In the intrusion detection systems, matching speed of the string matching algorithm is very important. To enhance the speed and accuracy of the pattern matching, by using of protocol analysis and pattern matching, a rapid string matching algorithm is proposed, which is based on the Chinese remainder Theorem. Through a hash function, the pattern strings and text strings are converted to pairs ofintegers to be matched. The theorem ofmatching equivalence between the strings to be matched and the integers converted from the strings is proven. The experiment results show the validity of proposed matching algorithm is dealt with the network data, and compared with the traditional single-mode-matching algorithms and multi-mode-matching algorithms, this algorithm has a certain degree of superiority.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第6期1387-1390,共4页
Computer Engineering and Design
基金
河南省杰出人才创新基金项目(074200510013)
河南省教育厅自然科学基金项目(2007520048)
关键词
网络入侵检测
协议分析
中国剩余定理
字符串匹配
network intrusion detection
protocol analysis
Chinese remainder theorem
string matching
