Pattern Matching using Layered STRIFA for Intrusion Detection

With the advent and explosive growth of the global Internet adaptive/automatic network intrusion and anomaly detection in wide area data networks is fast gaining critical research and practical importance. In order to detect intrusions in a network, need efficient IDS. Deep packet inspection (DPI) has the ability to inspect both packet headers and payloads to identify the attack signatures in order to protect Internet systems. Regular expression matching, despite its flexibility and efficiency in attack detection, brings high computation and storage complexities to NIDSs, making packet processing a bottleneck. Stride finite automata (StriFA), a new family of finite automata, to accelerate both string matching and regular expression matching with reduced memory consumption. To increase the efficiency of StriFA, a layered approach of attack detection by using KDD 99 DARPA dataset is integrated with StriFA. We demonstrate that attack detection accuracy can be achieved by using StriFA and high efficiency by implementing the Layered Approach. Keywords-StriFA, Probe, DoS, R2L, U2R, NIDS