Document Type
Article
Source of Publication
Journal Of Digital Forensics Security And Law
Publication Date
1-1-2016
Abstract
With increasing number and severity of attacks, monitoring ingress and egress network traffic is becoming essential everyday task. Intrusion detection systems are the main tools for capturing and searching network traffic for potential harm. Signature -based intrusion detection systems are the most widely used, and they simply use a pattern matching algorithms to locate attack signatures in intercepted network traffic. Pattern matching algorithms are very expensive in terms of running time and memory usage, leaving intrusion detection systems unable to detect attacks in real-time. We propose a Bloom filters optimized Wu-Manber pattern matching algorithm to speed up intrusion detection. The Bloom filter programs the hash table into a vector, which is quickly queried to exclude unnecessary searches. On average hash table searches are avoided 10.6% of the time. The proposed algorithm achieves a best -case speedup of 66% and worst -case speedup of 33% over Wu-Manber at the cost of 0.33% memory usage increase.
DOI Link
ISSN
Publisher
Embry-Riddle Aeronautical University/Hunt Library
Volume
11
Issue
4
First Page
5
Last Page
22
Disciplines
Computer Sciences
Keywords
network security, intrusion detection systems, pattern matching, Wu-Manber, Bloom filters
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License
Recommended Citation
Aldwairi, Monther; Al-Khamaiseh, Koloud; Alharbi, Fatima; and Shah, Babar, "Bloom Filters Optimized Wu-Manber for Intrusion Detection" (2016). All Works. 5082.
https://zuscholars.zu.ac.ae/works/5082
Indexed in Scopus
no
Open Access
yes
Open Access Type
Gold: This publication is openly available in an open access journal/series