本文已被:浏览 2067次 下载 4222次
Received:July 12, 2010 Revised:September 16, 2010
Received:July 12, 2010 Revised:September 16, 2010
中文摘要: 在经典的多模式字符串匹配算法-AC 算法的基础上,提出了双向AC 算法。该算法在预处理阶段构造正向和反向两个有限状态自动机,匹配时使用正向有限自动机从文本串中间位置向右扫描,同时依据反向有限状态自动机从中间位置向左扫描。将该算法应用于开放源码的入侵检测系统Snort 中,实验结果表明较BM 算法、WM 算法和AC 算法本算法有更好的时间性能。如使用发现攻击即停止匹配方式检测,则该算法的效率约为AC 算法的1.5 倍。
Abstract:Based on AC algorithm for performing multiple string matching algorithms, two-way AC algorithm was proposed. The algorithm constructs a forward finite automaton and a reversed finite automaton in the preprocessing stage. In the Matching stage it scans the text string from middle to right with a forward finite automaton and concurrently from middle to left with a reversed finite automaton. The algorithm has been implemented by modifying the source code of Snort. The experimental result shows that the time performance of two-way AC algorithm is superior to BM algorithm, WM algorithm and AC algorithm. Efficiency of the algorithm is about 1.5 times AC algorithm if the mode of detection is to discover and stop.
keywords: AC algorithm WM algorithm BM algorithm string matching algorithm intrusion detection system Snort
文章编号: 中图分类号: 文献标志码:
基金项目:
Author Name | Affiliation |
YANG Chao | Department of Basic Course, Hefei University, Hefei 230601, China |
Author Name | Affiliation |
YANG Chao | Department of Basic Course, Hefei University, Hefei 230601, China |
引用文本:
杨超.双向AC 算法及其在入侵检测系统中应用.计算机系统应用,2011,20(3):222-225
YANG Chao.Two-Way AC Algorithm and its Application to Intrusion Detection System.COMPUTER SYSTEMS APPLICATIONS,2011,20(3):222-225
杨超.双向AC 算法及其在入侵检测系统中应用.计算机系统应用,2011,20(3):222-225
YANG Chao.Two-Way AC Algorithm and its Application to Intrusion Detection System.COMPUTER SYSTEMS APPLICATIONS,2011,20(3):222-225