Abstract
The study of reduced pattern length is conducted based on the concept of parallel Bloom filter for fast string matching for Network Intrusion Detection Systems (NIDS).This thesis evaluates the effectiveness of reduced pattern length based on the Snort rule sets. With a few packets marked with false errors due to proposed reduced pattern length, the hardware cost can be reduced significantly by using pattern length of 20 bytes instead of 130. The simulation is performed based on the DARPA Intrusion Detection Data Sets collected by Lincoln laboratory at Massachusetts Institute of Technology in the year of 1998, 1999 and 2000. When reduced pattern length is conducted on 5 bytes, the theory of false positive error of Bloom Filter is 5.92078*10-6 in this thesis. And the value of practical is 10-5.6*10-5. The Bloom Filter will miscarriage of justice more several hundred go to several thousand packets than Boyer Moore.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
