摘要
以Snort入侵检测系统为研究对象,探讨其规则匹配环节的适用算法,并在Boyer算法的基础上设计一种改进方法.此方法首先设计了一个统计数组,然后以两个相邻字符为组合执行匹配,并分为3种策略判断如何确定最大移动长度.实验结果表明:这种改进措施,使得最大移动长度更加合理,相比于Boyer方法,改进方法的字符比较次数明显降低,窗口移动次数明显降低,执行时间明显减少.
In this paper,the application of Snort intrusion detection system is studied.An improved method based on Boyer algorithm is designed.This method first designs a statistical array,then executes the matching with two adjacent characters,and divides into three strategies to determine the maximum movement length.Experimental results show this improvement makes the maximum movement length more reasonable.Compared with the Boyer method,the proposed method is significantly lower than the number of characters method,the number of windows mobile number is significantly reduced,the execution time is significantly reduced.
出处
《华侨大学学报(自然科学版)》
CAS
北大核心
2016年第2期168-170,共3页
Journal of Huaqiao University(Natural Science)
基金
河南省科技厅科研项目(102102310261)
