Multi pattern matching algorithm for embedded computer network engineering intrusion detection system

• Published in: Intelligent decision technologies Vol. 18; no. 2; pp. 705 - 716
• Main Author: Cai, Yingying
• Format: Journal Article
• Language: English
• Published: London, England SAGE Publications 01.01.2024; Sage Publications Ltd
• Subjects: Algorithms; Computer networks; Consumption; Control methods; Cybersecurity; Intrusion detection systems; Network security; Packets (communication); Pattern matching; String matching; Multi pattern matching algorithm; computer network; embedded system; intrusion detection system
• ISSN: 1872-4981; 1875-8843
• DOI: 10.3233/IDT-230249

In computer networks, security issues persist, and addressing hidden security risks is pivotal for ensuring network security. However, traditional single pattern matching algorithms like BM (Boyer-Moore) lack efficiency for network intrusion detection. This study employs multiple pattern matching algorithms to bolster the security of computer network engineering intrusion detection systems (IDS). A computer network intrusion detection system (NIDS) is designed using embedded technology to collect network logs and other pertinent data, subsequently comparing log data packets. The study delves into a multi pattern matching algorithm, AC (Aho-Corasick), which incorporates the SUNDAY algorithm to optimize unnecessary string matching jumps. Furthermore, the AC algorithm and BM algorithm are fused as control methods. Randomly generated 48M text data is utilized for testing purposes, comparing the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm. For instance, when the pattern string length is 20 bytes, the memory consumption of the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm is 12.2 MB, 9.8 MB, and 6.2 MB respectively. The findings indicate that applying the AC-SUNDAY algorithm in NIDS effectively reduces memory consumption and enhances the efficacy of network intrusion detection.