Special Issue Paper
Hybrid pattern matching for trusted intrusion detection
Version of Record online: 9 DEC 2009
Copyright © 2009 John Wiley & Sons, Ltd.
Security and Communication Networks
Special Issue: Trusted Computing and Communications
Volume 4, Issue 1, pages 33–43, January 2011
How to Cite
Soewito, B., Vespa, L., Weng, N. and Wang, H. (2011), Hybrid pattern matching for trusted intrusion detection. Security Comm. Networks, 4: 33–43. doi: 10.1002/sec.175
- Issue online: 9 DEC 2009
- Version of Record online: 9 DEC 2009
- trusted computing;
- pattern matching;
- instruction detection;
Intrusion Detection Systems (IDSs) rely on pattern matching to detect and thwart a network attack by comparing packets with a database of known attack patterns. The key requirements of trusted intrusion detection are accurate pattern matching, adaptive, and reliable reconfiguration for new patterns. To address these requirements, this paper presents a trusted intrusion detection by utilizing hybrid pattern matching engines: FPGA-based and multicore-based pattern matching engine. To achieve synchronization of these two pattern matching engines, methodologies including multi-threading DFA and clustered state coding have been developed. These hybrid pattern matching engines increases the reliability and trustworthy of intrusion detection systems. Copyright © 2009 John Wiley & Sons, Ltd.