Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IMC
2006
ACM
2006
ACM
Approximate fingerprinting to accelerate pattern matching
Pattern matching and analysis over network data streams is increasingly becoming an essential primitive of network monitoring systems. It is a fundamental part of most intrusion detection systems, worm detecting algorithms and many other anomaly detection mechanisms. It is a processingintensive task, usually requiring to search for a large number of patterns simultaneously. We propose the technique of “approximate fingerprinting” to reduce the memory demands and significantly accelerate the pattern matching process. The method computes fingerprints of prefixes of the patterns and matches them against the input stream. It acts as a generic preprocessor to a standard pattern matching engine by “clearing” a large fraction of the input that would not match any of the patterns. The main contribution is the “approximate” characteristic of the fingerprint, which allows to slide the fingerprinting window through the packet at a faster rate, while maintaining a small memory f...
Real-time Traffic| Added | 13 Jun 2010 |
| Updated | 13 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | IMC |
| Authors | Ramaswamy Ramaswamy, Lukas Kencl, Gianluca Iannaccone |
Comments (0)
Researcher Info
|
