Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A multi-mode matching method for improving the detection rate and efficiency of intrusion detection system

An intrusion detection system and multi-mode matching technology, applied in the field of multi-mode matching, can solve the problem of low matching efficiency, achieve the effect of reducing the scope and speeding up the search process

Inactive Publication Date: 2013-04-03
西安交大捷普网络科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a multi-mode matching method that can improve the detection rate and efficiency of the intrusion detection system, so as to overcome the technical problem that the matching efficiency is very low when the number of intrusion detection rule sets is large in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A multi-mode matching method for improving the detection rate and efficiency of intrusion detection system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The present invention will be described in detail below through the embodiments in the intrusion detection system and the accompanying drawings.

[0026] The steps of the present invention are:

[0027] (1) Set of preprocessing modes: the establishment of mobile table (SHIFT table), suffix table (SUFFIX table) and prefix table (PREFIX table).

[0028] When constructing the movement table, consider the comparison of a string of size B, rather than a single character; the movement table is used to determine how many characters in the text can be skipped when the text is scanned.

[0029] Take the value of B as 2 and the value of A as 2;

[0030] Calculate the hash value of A character prefix of all pattern headers and put them in PREFIX[i];

[0031] (2) Scan search:

[0032] 2.1 Calculate the hash value h of the currently scanned B characters of the text;

[0033] 2.2 Check the value of SHIFT[h]: if > 0, move the text and go to step 2.1; otherwise, go to step 2.3;

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention relates to a technical field of network intrusion detection systems (NIDS), specifically to a multi-mode matching method for improving rate and efficiency of network intrusion detection. The present invention aims to provide a multi-mode matching method for improving rate and efficiency of network intrusion detection, in order to overcome the problem of low matching efficiency when the intrusion detection rule set is large in the existing technology. The related multi-mode matching method I NIDS field comprises: (1) pretreatment mode set: building SHIFT table, SUFFIX table and PREFIX table; (2) scanning for search.

Description

Technical field: [0001] The invention relates to the technical field of network intrusion detection (NIDS), in particular to a multi-mode matching method capable of improving the detection rate and efficiency of an intrusion detection system. Background technique: [0002] In recent years, with the emergence of high-speed network technologies, the improvement of network speed has posed challenges to the three links of intrusion detection, data collection, analysis engine, and response mechanism. The speed of any link cannot catch up with the network speed, and real-time protection of the network cannot be realized. Safety. Most existing NIDSs only have a detection speed of tens of megabytes. With the massive application of 100-megabit and gigabit networks, the processing speed of NIDS has become a bottleneck affecting the application of intrusion detection systems. In NIDS, it takes a lot of time and system resources to intercept each data packet of the network, analyze and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/36H04L12/70H04L29/06
Inventor 刘涛白亮王二鹏张永斌赵卫栋靳卫恒
Owner 西安交大捷普网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com