Tashev et al., 2021 - Google Patents
Application of the Aho-Corasick algorithm to create a network intrusion detection systemTashev et al., 2021
- Document ID
- 8589864329105984898
- Author
- Tashev K
- Agzamova M
- Axmedova N
- Publication year
- Publication venue
- Bulletin of TUIT: Management and Communication Technologies
External Links
- 238000001514 detection method 0 title abstract description 16
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30964—Querying
- G06F17/30979—Query processing
- G06F17/30985—Query processing by using string matching techniques
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30946—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type indexing structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7457—Address table lookup or address filtering using content-addressable memories [CAM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7453—Address table lookup or address filtering using hashing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30613—Indexing
- G06F17/30619—Indexing indexing structures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Becchi et al. | A hybrid finite automaton for practical deep packet inspection | |
| Becchi et al. | Memory-efficient regular expression search using state merging | |
| Chen et al. | A survey on the application of FPGAs for network infrastructure security | |
| Le et al. | A memory-efficient and modular approach for large-scale string pattern matching | |
| EP1738531B1 (en) | Deep Packet Filter and Respective Method | |
| Bremler-Barr et al. | CompactDFA: Generic state machine compression for scalable pattern matching | |
| Huang et al. | Scalable TCAM-based regular expression matching with compressed finite automata | |
| Rashid et al. | Exploration of hardware architectures for string matching algorithms in network intrusion detection systems | |
| Xu et al. | TFA: A tunable finite automaton for pattern matching in network intrusion detection systems | |
| Trivedi | An Optimized Aho-Corasick Multi-Pattern Matching Algorithm for Fast Pattern Matching | |
| Aldwairi et al. | nāGrams exclusion and inclusion filter for intrusion detection in Internet of Energy big data systems | |
| Tashev et al. | Comparative performance analysis the Aho-Corasick algorithm for developing a network detection system | |
| Karimov et al. | Application of the Aho-Corasick algorithm to create a network intrusion detection system | |
| Artan et al. | Tribica: Trie bitmap content analyzer for high-speed network intrusion detection | |
| Fide et al. | A survey of string matching approaches in hardware | |
| Tashev et al. | Application of the Aho-Corasick algorithm to create a network intrusion detection system | |
| Sert et al. | NFA based regular expression matching on FPGA | |
| Guinde et al. | Efficient hardware support for pattern matching in network intrusion detection | |
| Cho et al. | Programmable hardware for deep packet filtering on a large signature set | |
| Smith et al. | Fast signature matching using extended finite automaton (XFA) | |
| Thota et al. | Efficient regular expression matching and hardware-accelerated finite automata pattern recognition in nids | |
| Ni et al. | A fast multi-pattern matching algorithm for deep packet inspection on a network processor | |
| Trabelsi et al. | Hybrid mechanism towards network packet early acceptance and rejection for unified threat management | |
| Kastil et al. | Methodology for fast pattern matching by deterministic finite automaton with perfect hashing | |
| Shaik et al. | A High Throughput Bloom Filter Based TCAM Architecture for Fast NIDS |