Pattern matching of signature-based IDS using Myers algorithm under MapReduce framework

Cited by: 23
Authors
Aldwairi M. [1, 2]
Abu-Dalo A.M. [1]
Jarrah M. [1]
Affiliations
[1] Computer and Information Technology Faculty, Jordan University of Science and Technology, Irbid
[2] College of Technological Innovation, Zayed University, P.O. Box 144534, Abu Dhabi
Keywords
Information security; Intrusion detection systems; MapReduce; Pattern matching; Signature-based
DOI
10.1186/s13635-017-0062-7
Abstract
The rapid increase in wired Internet speed and the constant growth in the number of attacks make network protection a challenge. Intrusion detection systems (IDSs) play a crucial role in discovering suspicious activities and also in preventing their harmful impact. Existing signature-based IDSs have significant overheads in terms of execution time and memory usage mainly due to the pattern matching operation. Therefore, there is a need to design an efficient system to reduce overhead. This research intends to accelerate the pattern matching operation through parallelizing a matching algorithm on a multi-core CPU. In this paper, we parallelize a bit-vector algorithm, Myers algorithm, on a multi-core CPU under the MapReduce framework. On average, we achieve four times speedup using our multi-core implementations when compared to the serial version. Additionally, we use two implementations of MapReduce to parallelize the Myers algorithm using Phoenix++ and MAPCG. Our MapReduce parallel implementations of the Myers algorithm are compared with an earlier message passing interface (MPI)-based parallel implementation of the algorithm. The results show 1.3 and 1.7 times improvement for Phoenix++ and MAPCG MapReduce implementations over MPI respectively. © The Author(s). 2017.