Call for Paper - April 2023 Edition
IJCA solicits original research papers for the April 2023 Edition. Last date of manuscript submission is March 20, 2023. Read More

Improved Single Keyword Pattern Matching Algorithm for Intrusion Detection System

International Journal of Computer Applications
© 2014 by IJCA Journal
Volume 90 - Number 9
Year of Publication: 2014
K. Prabha
S. Sukumaran

K Prabha and S Sukumaran. Article: Improved Single Keyword Pattern Matching Algorithm for Intrusion Detection System. International Journal of Computer Applications 90(9):26-30, March 2014. Full text available. BibTeX

	author = {K. Prabha and S. Sukumaran},
	title = {Article: Improved Single Keyword Pattern Matching Algorithm for Intrusion Detection System},
	journal = {International Journal of Computer Applications},
	year = {2014},
	volume = {90},
	number = {9},
	pages = {26-30},
	month = {March},
	note = {Full text available}


With the spreading of the internet and online procedures requesting a secure channel, it has become an inevitable requirement to provide the network security. It is very clear that firewalls are not enough to secure a network completely because the attacks committed from outside of the network are stopped whereas inside attacks are not. This is the situation where intrusions detection systems (IDSs) are in charge. IDSs are used in order to stop attacks, recover from them with the minimum loss or analyze the security problems. String matching algorithms are essential for IDS that filter packets and flows based on their payload. This work describes the concept of single keyword pattern matching algorithms. A new improved single keyword pattern matching algorithm is proposed. The new method reduces character comparisons, faster and more reliable in network security applications. The experimental results show that the new algorithm is highly efficient. Its search time is cut down significantly compared with other popular existing algorithms and its memory occupation stays at a low level. Moreover, conclusion on results is made and direction for future works is presented.


  • Apostolico and M. Crochemore. String pattern matching for a deluge survival kit. Handbook of massive data sets, 2002.
  • B. Kim, S. Yoon and J. Oh, "Multi-hash based Pattern Matching Mechanism for High-Performance Intrusion Detection," International Journal of Computers. Vol. No. 3. Issue1, 2009.
  • Bace R. An introduction to intrusion detection and assessment for system and network security management. ICSA Intrusion Detection Systems Consortium Technical Report, 1999.
  • Christian Charras, Thierry Lecroq, "Handbook of Exact String Matching Algorithms", King's College Publications, 2004, ISBN :0954300645.
  • Coit C J, Staniford S, McAlerney J, "Towards faster string matching for intrusion detection or exceeding the speed of Snort", Proceedings of the DARPA Information Survivability Conference and Exposition II (DISCEX'01). Los Alamitos, CA, USA: IEEE Comput. Soc. , 2001.
  • Denning, Dorothy E. : Information Warfare and Security. Addison Wesley Longman, Inc. , Reading, 1999.
  • Fisk M, Varghese G, "An analysis of fast string matching applied to content-based forwarding and intrusion detection", Technical Report CS2001-0670. San Diego: University of California, 2002.
  • Martin Roesch, "Snort-Lightweight Intrusion Detection for Networks", Stanford Telecommunications, Inc, 13th LISA conference, 1999.
  • Meier, Michael; Holz, Thomas: Intrusion Detection Systems List and Bibliography. http://wwwrnks. informatik. tucottbus. de/en/security/ids. html, 2003.
  • M. Fisk, and G. Varghese, "An analysis of fast string matching applied to content-based forwarding and intrusion detection", Technical Report CS2001-0670 (updated version), University of California - San Diego, 2002.
  • N. Tuck, T. Sherwood, B. Calder, and G. Varghese, "Deterministic memory-efficient string matching algorithms for intrusion detection", Proc. IEEE Infocom, vol. 4, March 2004.
  • RRehman RU, Intrusion detection systems with snort. Upper Saddle River, New Jersey, Publishing as Prentice Hall PTR, 2003.
  • R. M. Karp and M. O. Rabin. "Efficient randomized pattern-matching algorithms", IBM Journal of Research and Development, Vol. 31, no. 2, 1987.
  • R. N. Horspool,"Practical fast searching in strings", Software-Practice and Experience, Vol. 10, no. 6, 1980
  • R. S. Boyer and J. S. Moore, "A fast string searching algorithm", Communications of the ACM, Vol. 20, no. 10, 1977.
  • S. Dharmapurikar, J. W. Lockwood, "Fast and Scalable Pattern Matching for Network Intrusion Detection Systems", IEEE Journal on Selected Areas in Communications, vol. 24, 2006.
  • T. H. Cormen, C. E. Leiserson, R. L. Rivest, and C. Stein. Introduction to Algorithms, Second Edition. The MIT Press and McGraw-Hill Book Company, 2002.
  • W. Yang, B-X. Fang, B. Liu, and H-L. Zhang, "Intrusion detection system for high-speed network," Computer Communications. Vol 27, 2004.
  • W. Lee, J. D. Cabrera, A. Thomas, N. Balwalli, S. Saluja, and Y. Zhang, "Performance adaptation in real-time intrusion detection systems," in RAID, 2002.
  • YU Jianming, XUE Yibo, LI Jun, "Memory Efficient String Matching Algorithm for Network Intrusion Management System", Tsinghua Science and Technology, ISSN 1007-0214, October 2007.