Multi pattern matching algorithm for embedded computer network engineering intrusion detection system

Abstract

In computer networks, security issues persist, and addressing hidden security risks is pivotal for ensuring network security. However, traditional single pattern matching algorithms like BM (Boyer-Moore) lack efficiency for network intrusion detection. This study employs multiple pattern matching algorithms to bolster the security of computer network engineering intrusion detection systems (IDS). A computer network intrusion detection system (NIDS) is designed using embedded technology to collect network logs and other pertinent data, subsequently comparing log data packets. The study delves into a multi pattern matching algorithm, AC (Aho-Corasick), which incorporates the SUNDAY algorithm to optimize unnecessary string matching jumps. Furthermore, the AC algorithm and BM algorithm are fused as control methods. Randomly generated 48M text data is utilized for testing purposes, comparing the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm. For instance, when the pattern string length is 20 bytes, the memory consumption of the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm is 12.2 MB, 9.8 MB, and 6.2 MB respectively. The findings indicate that applying the AC-SUNDAY algorithm in NIDS effectively reduces memory consumption and enhances the efficacy of network intrusion detection.

Keywords

Multi pattern matching algorithm intrusion detection system computer network embedded system

1. Introduction

Embedded technology and Internet technology are developing rapidly, network information is closely related to people’s life, and network information has wide application in business, finance, education and other fields. The growth of computer networks has improved people’s ability to process information, and the security of network information has a significant impact on people’s lives. However, with the expansion of the network scale, network intrusion events also occur frequently. The main threats to network security include computer virus, Trojan programs, worms, etc. The Jinshan Poison Fighter Global Anti Virus Monitoring Center stated that the global computer network virus attack is becoming increasingly strong, and criminals are producing malicious software on a large scale for their interests. Various malicious websites are also increasing, posing great harm to the global computer network. Cybercriminals steal network information and gain economic benefits by writing Trojan programs [1]. Network intrusion poses great harm to society, and detecting network intrusion is very important. Computer network engineering IDS are different from passive defense antivirus software in that they filter out unsafe information by detecting data packets entering the network and analyzing various network data. However, single pattern matching algorithms can only detect one type of network intrusion, and the practicality of network intrusion detection is not high. Multiple pattern matching algorithms can be utilized to NIDS to improve the effectiveness of network intrusion detection, so this article has research significance.

With the development of computer networks, the scale of networks is increasing, but network intrusion phenomena have also become frequent. Many people have used NIDS to remove unsafe information from the network. Mohammadpour Leila trained the benchmark dataset of network intrusion using convolutional neural networks, with a detection accuracy of 99.79%, and was able to accurately detect known network intrusion types [2]. Gurung Sandeep designed a system using deep learning. The designed intrusion detection method not only learned but also adjusted itself to previously undefined patterns. He used a logical classifier to classify network intrusion datasets, which could achieve very high accuracy in network intrusion detection [3]. Elrawy Mohamed Faisal proposed an IDS based on decision trees, which digitized strings in a given dataset. Then, he normalized the entire data to ensure the quality of the input data, thereby improving detection efficiency [4]. Verma Abhishek used machine learning technology to conduct statistical analysis on intrusion detection datasets, and improved the effectiveness of network intrusion detection by classifying and identifying different types of network intrusions [5]. The above research indicates that computer NIDS can actively investigate and detect various network information to ensure the security of the entire network system, but they have not applied multiple pattern matching algorithms to NIDS.

NIDS can effectively resist intrusion attacks and eliminate network vulnerabilities. Apruzzese Giovanni constructed a machine learning based NIDS, identifying and modeling the real capabilities and environment required for attackers to implement feasible and successful adversarial attacks, which could help strengthen defense systems and enable network defenders to solve the most critical and realistic problems [6]. Roshan Setareh proposed an adaptive design for an IDS based on extreme learning machines, which provided the ability to detect known and new attacks and updated them in a cost-effective manner based on new trends in data patterns provided by security experts [7]. Naseer Sheraz proposed, implemented, and analyzed an IDS based on deep convolutional neural networks, which classified different types of intrusion data by training and learning the intrusion dataset [8]. Researchers have applied the multi pattern matching algorithm to NIDS. Khraisat Ansam’s research pointed out that cyber attacks are becoming increasingly sophisticated and failure to prevent intrusions may reduce the trustworthiness of security services, such as data confidentiality, integrity and availability. Insecure information can be detected by matching strings in the intrusion data [9]. The application of multi pattern matching algorithms can achieve data matching of multiple intrusion types and improve the effectiveness of network intrusion detection, but there is a lack of comparative analysis of different multi pattern matching algorithms.

The frequent intrusion events in computer network bring challenges to network security, and the traditional single pattern matching algorithm has limitations in network intrusion detection. Aiming at this problem, this paper puts forward the application of multi-pattern matching algorithm, introduces AC-SUNDAY algorithm, and combines the advantages of AC algorithm and SUNDAY algorithm to improve the efficiency of NIDS. In this paper, the performance differences of different algorithms in matching time, memory consumption and matching accuracy are verified by experiments. The experimental results show that AC-SUNDAY algorithm has significant performance advantages in both fixed mode number and fixed mode length. This algorithm not only shows higher efficiency in matching time, but also is superior to other algorithms in memory consumption and matching accuracy, which provides a new solution to improve the practicability and efficiency of NIDS. By introducing multi-pattern matching algorithm and optimizing its performance, this paper has made an important contribution to improving the security and efficiency of computer network engineering intrusion detection system. This research not only expands the scope of network intrusion detection methods, but also provides new ideas and solutions to meet the increasingly severe network security challenges.

2. Network intrusion detection

2.1 Intrusion detection

Information technology is developing rapidly, and people often rely on the network for information processing for their business. The development of network technology has improved people’s ability to process information. Network security issues occur frequently, and network technology covers a wide range of fields, including finance, technology, education, and other fields. Illegal individuals steal and destroy relevant information through methods such as implanting Trojan programs, which poses great harm to society [10].

In the 21st century, the Internet is developing very fast. Computers all over the world are interconnected through internetworking to form a huge information network. Network security technology is also rapidly developing. Although static defense formed by technologies such as firewalls can resist most network attacks, it still cannot effectively prevent network information leakage [11, 12].

Virtual network technology is the establishment of a dedicated network on a public network, which effectively limits network intrusion through physical links. However, virtual network technology also has security issues. The security of the devices used has increased due to the complexity of virtual technology, and switches and other devices have become the main targets of attack. Moreover, the implementation of virtual addresses by various manufacturers in virtual networks is not perfect.

Firewall technology is a way to strengthen the control between networks, which can effectively prevent external network users from illegally entering the internal network, and can deny external users access to computer resources, thus improving the security of computer networks. However, firewall design only focuses on external attacks, ignoring Insider threat. When internal files or devices are infected, firewalls are difficult to function.

Intrusion detection technology is a security technology that can collect and analyze whether a computer network has been invaded [13, 14]. Intrusion detection technology can detect any activity in a certain network segment in real-time, but the accuracy of intrusion detection still needs to be improved. Network intrusion detection is to improve the security of network information by detecting network attacks.

While the Internet and computers are growing rapidly, the growth of many different industries is severely hampered by frequent computer security breaches. The formalization of computer security maintenance, the continuous evolution of network penetration, and the low quality and efficiency of maintenance have all become serious challenges in the process of social construction. The field of network applications is expanding, and the network department is developing rapidly. However, the lack of knowledge to maintain internet security has also caused great difficulties to maintain internet security.

The goal of intrusion detection technology is to track network threats, support system defense against these threats, improve the integrity of information security architecture, and provide system administrators with more security management tools. Intrusion detection is a practical supplement to firewalls, collecting data from many important computer network system locations and conducting inspections to check for violations of security policies and signs of network attacks.

The main task of an IDS is to continuously monitor network transmissions, and when network security devices detect suspicious transmissions, they issue alerts or initiate preventive measures. The difference between IDS and other network security tools is that they are a preventive security technology. Many large and medium-sized enterprises and government agencies are using IDS.

2.2 NIDS

With the development of internet technology, more and more users are transferring their core business to computer networks. Although it has improved business processing efficiency, it also faces many security issues. The increasing amount of information in the network has brought hidden dangers to network security management, and network finance and confidential file information are the main targets of network intrusion. There are many ways of network attacks, such as trojan programs, worm attacks, and computer virus. Traditional firewalls are difficult to ensure information security.

Intrusion system refers to all illegal operations such as unauthorized modification and theft of system data by intruders. Intrusion detection is to ensure the security of system data by detecting network packets, network status, and the operational behavior of network systems [15, 16]. The process of intrusion detection generally includes information collection and signal analysis.

Intrusion information collection is the foundation of system intrusion detection. By collecting network data packets, user behavior, and other data, intruders’ network intrusion can change the specific data of the network system. Collecting intrusion information can discover hidden dangers. In the actual intrusion detection process, it mainly collects information on illegal changes to network data files, network log files, and abnormal behavior of program execution. For example, when hackers invade the network, they steal and destroy important files in the network, and these behaviors are saved in the log. Collecting network log information can effectively analyze whether they have been invaded.

After collecting intrusion information, it is necessary to analyze the information, and pattern matching is the main method of analyzing intrusion information. Pattern matching is the process of comparing intrusion features of collected string information. When no abnormal character features are found, it indicates that the network is secure [17, 18]. When there are matching characters in the collected string information, it indicates that intrusion behavior has been detected.

With the development of embedded technology, NIDS can be embedded into small chips to achieve security protection for different computer network scenarios. The interface of the NIDS is shown in Fig. 1.

Figure 1.

Interface diagram of NIDS.

In Fig. 1, the interface of the NIDS is described. On the left side of the interface is the functional area, which includes intrusion query statistics, behavior management, security protection, etc. In the interface, different intrusion types can be detected by editing network intrusion detection items.

NIDS can monitor the activities of users and systems, detect and analyze system abnormal behavior. The core of intrusion detection is to compare the information collected in computer networks with data to determine whether an intrusion has occurred. In the era of rapid growth of internet users, e-commerce is developing rapidly, and a large amount of online information transactions require an extremely secure network environment.

2.3 Multi pattern matching algorithm

In NIDS, pattern matching algorithm is a very effective intrusion detection method. Pattern matching is the process of finding specific string information within a string. If a network intrusion causes changes to network logs and other files, analyzing abnormal characters in the log files can determine the network intrusion behavior. Pattern matching can be well applied to network intrusion detection. The information collected from the network is compared with the specified pattern database to analyze network intrusion behavior.

The process of pattern matching is shown in Fig. 2.

Figure 2.

Process diagram of pattern matching.

In Fig. 2, the information collected by the computer network is compared with the string in the specified database. When the collected information contains the same string as the compared information, it indicates that an intrusion has occurred.

The BM algorithm is an excellent single pattern matching algorithm that can complete string matching. The BM algorithm includes bad character rules and good suffix rules, allowing the pattern string to move to the right as much as possible. The BM algorithm needs to solve for the offset before matching, align the left end of the text string with the pattern string, and then perform character alignment to the right. The character matching efficiency of the BM algorithm is very high. It can be well used in network intrusion detection, but after a matching failure, it needs to be re matched.

In multi pattern matching, if the length of the intrusion feature pattern string is $M$ and the pattern contains $j$ , then the multi pattern can be represented as:

$\displaystyle{D}=\{{{p}_{1},{p}_{2},\ldots,{p}_{j}}\}$ (1)

For any strings $X$ and $Y$ , the distance between the two strings is ${D}({{X},{Y}})$ .

For pattern string $p[1:n]$ and pattern string $p[1:m]$ , the process of multi pattern matching is represented as:

$\displaystyle\mathop{\sum}\nolimits m\mathop{\sum}\nolimits n\{{0,1}\}^{n-m+j+1}$ (2)

For any two strings $a$ and $b$ , when ${a}=0$ :

$\displaystyle{D}({{a},{b}})=0$ (3)

When ${b}=0$ :

$\displaystyle{D}({{a},{b}})={a}$ (4)

Multi pattern matching refers to the matching of multiple pattern strings within a main string [19, 20]. The AC algorithm is a multi pattern matching algorithm. The process of data matching is divided into data preprocessing and data matching. All strings with intrusion features waiting for matching are formed into a set, and all substrings containing intrusion features in this article’s string are found. The AC algorithm has very high matching efficiency and can form new algorithms by combining with other algorithms.

The AC-BM algorithm combines the advantages of AC and BM algorithms, achieving multi feature matching while also utilizing the matching rules of BM algorithm. The AC-BM algorithm first determines whether there is a matching relationship between two strings in the process of string matching. When no matching occurs, it can skip to reduce the number of matches. However, the AC-BM algorithm also has drawbacks, as the maximum distance moved cannot be limited by the length of the shortest pattern string.

The SUNDAY algorithm is also a string matching algorithm that can skip meaningless matching characters as much as possible. This article adds the SUNDAY algorithm to the AC algorithm to enhance it. When the pattern string and text string do not intersect, the maximum movement distance of the AC-SUNDAY algorithm can be unconstrained, thereby elongating the jump. By omitting meaningless matching characters to enhance feature matching, the AC-SUNDAY algorithm effectively solves the shortcomings of the AC-BM algorithm.

In the era of the Internet, information technology has been applied to various fields, and the problems of network intrusion and attacks are also increasing, seriously endangering people’s lives and even national security. The types and frequency of network intrusions are very high. A computer NIDS is established, and multiple pattern matching algorithms are used to actively detect abnormal network intrusion data, which can ensure network security.

3. Intrusion detection comparison experiment

3.1 Intrusion detection experimental environment

Computer networks have become an essential part of people’s daily lives, and the speed and convenience of network technology have made people’s lives more convenient. Information technology is widely used in fields such as finance and education. Maintaining network security and ensuring the reliability of network information has become the foundation for the growth of the network.

The issue of network security is very prominent, and criminals use denial of service attacks, Trojan programs, worms and other means to invade the network recklessly, resulting in a large amount of network information data leakage and even tampering. This article randomly calculates the types of intrusions that occurred on 500 computers in China in 2018. The statistical results are illustrated in Table 1.

Table 1
Table of network intrusion types

Serial number	Invasion type	Quantity	Percentage
1	Get password intrusion	100	20%
2	Remote control intrusion	50	10%
3	Trojan horse invasion	200	40%
4	System vulnerability intrusion	60	12%
5	Email intrusion	30	6%
6	Network monitoring intrusion	60	12%

In Table 1, the types of intrusions suffered by 500 computers are described. A total of 6 network intrusion methods were counted. The types of network intrusions are diverse, and effective detection of network intrusions is crucial.

As embedded technology develops, a computer network intrusion detection system can be embedded in a computer chip for processing, thus realizing real-time monitoring of network intrusion. The experimental environment for this article is a Windows 10 system, Intel Core 7th generation processor, with 4G of memory. The compilation platform used Microsoft Visual 6.0 from Microsoft Corporation. Microsoft Visual 6.0 was used to randomly generate 48M of text data for testing.

In the case of a fixed number of patterns, the number of pattern strings was set to 20, and the length of pattern strings was set to 4, 8, 12, 16, and 20 bytes for testing. In the case of fixed pattern length, the length of the pattern string was 8 bytes, and the number of patterns was set to 4, 8, 12, 16, and 20.

3.2 Intrusion detection experimental design

To comprehensively analyze the effectiveness of network intrusion detection, this article compared different multi pattern matching algorithms and analyzed the intrusion detection performance of AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm. In a NIDS, the pattern string was compared with the collected text data. In order to effectively evaluate the effectiveness of pattern matching, it is necessary to establish pattern matching evaluation indicators.

In intrusion detection pattern matching, the most important concern is the accuracy of pattern matching, which directly affects the effectiveness of intrusion detection. Matching accuracy reflects the algorithm’s ability to remove network threats. On the basis of ensuring matching accuracy, it is also necessary to minimize the time spent on matching as much as possible. This is mainly due to the high number of network intrusions, which requires IDS to process them quickly. In addition, the pattern consumes system resources during the matching process, mainly memory consumption. Therefore, analyzing the memory consumption of different matching algorithms is also very important.

This article compared the performance of AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm in three aspects: matching time, memory consumption, and matching accuracy. Due to the possibility of data statistical errors in a single experiment, this article set up multiple sets of experiments to eliminate the errors, and the results of data statistics were the average values of multiple sets of experiments.

4. Intrusion detection comparison results

4.1 Comparison of matching times

In the multi pattern matching algorithms of NIDS, many algorithms have different matching principles. The shorter the matching time of the algorithm, the better the performance of the relevant IDS, and the more network intrusions discovered per unit time. This article compared the matching time of three multi pattern matching algorithms. The comparison outcome is illustrated in Fig. 3.

Figure 3.

Comparison results of matching times. A: Fixed pattern quantity matching time. B: Fixed pattern length matching time.

In Fig. 3A, the matching time of three algorithms with a fixed number of patterns is described, and different pattern lengths are experimentally set for testing. The matching time of the three multi pattern matching algorithms decreased with the increase of pattern length, mainly because the length of the pattern increases and the more strings the pattern matches, which can shorten the matching time. The matching time of the AC-SUNDAY algorithm studied in this article was always smaller than the other two algorithms, and the matching time of the AC-SUNDAY algorithm studied in this article decreased faster. The AC-SUNDAY algorithm studied in this article had a matching time of 800 ms when the pattern string length was 4 bytes, and 742 ms when the pattern string length was 20 bytes. The shorter matching time of the AC-SUNDAY algorithm is mainly due to the introduction of the SUNDAY algorithm, which can achieve unnecessary character detection jumps. In Fig. 3B, the matching time of the three algorithms increased with the increase of the number of patterns, but the matching time of the AC-SUNDAY algorithm was smaller than that of the other two algorithms. The traditional AC algorithm had a matching time of 1080 ms when the number of patterns was 4, and 1400 ms when the number of patterns was 20. The AC-SUNDAY algorithm studied in this article had a matching time of 980 ms when the number of patterns was 4, and 1230 ms when the number of patterns was 20. The AC-SUNDAY algorithm studied in this article can effectively shorten the pattern matching time of network intrusion detection.

4.2 Memory consumption comparison

In NIDS, due to the large amount of data involved in intrusion detection, memory consumption has become an important indicator for measuring the performance of IDS. When the amount of recognition data is the same, the smaller the memory consumption, the more data the system can detect intrusions. This article compared the memory consumption of three multi pattern matching algorithms. The comparison outcome is illustrated in Fig. 4. To make the comparison of memory more obvious, this article compared the number of fixed pattern lengths between 100, 200, 300, 400, and 500.

Figure 4.

Comparison results of memory consumption. A: Fixed mode quantity memory consumption. B: Fixed mode length memory consumption.

In Fig. 4A, the memory consumption is described when the number of modes is fixed. The memory consumption of the three algorithms decreased as the length of the pattern increased, as the longer the pattern, the less process the string needs to be compared. The AC-SUNDAY algorithm consumed less memory than the other two algorithms. When the pattern string length was 4 bytes, the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm consumed 15.8 MB, 14.6 MB, and 12.6 MB of memory, respectively. When the modular string length was 20 bytes, the memory consumed by the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm was 12.2 MB, 9.8 MB, and 6.2 MB, respectively. The AC-SUNDAY algorithm reduced the number of matches and memory consumption by skipping. In Fig. 4B, the memory consumption at a fixed pattern length is described. The memory consumption of the three algorithms increased with the number of patterns, mainly because the more patterns there are, the more memory space is required to achieve string matching. The AC-SUNDAY algorithm studied in this article consumed less memory than the AC-BM algorithm, and the AC-BM algorithm consumed less memory than the AC algorithm. The AC-SUNDAY algorithm consumed less memory than the other two algorithms and can be suitable for scenarios with high intrusion detection requirements to meet high-frequency intrusion detection.

4.3 Fixed pattern quantity matching accuracy

In NIDS, a very high detection accuracy is required to ensure network security, and the effectiveness of intrusion detection depends on the accuracy of pattern matching. The fixed number of patterns was set to 20, and the matching accuracy under different pattern string lengths was compared. The comparison outcome is illustrated in Fig. 5.

Figure 5.

Matching accuracy of fixed number of patterns.

Figure 6.

Matching accuracy of fixed pattern length.

In Fig. 5, the overall accuracy difference of the three algorithms did not exceed 1%. However, the accuracy of the AC-SUNDAY algorithm was higher than that of the AC algorithm, and the accuracy of the AC algorithm was higher than that of the AC-BM algorithm. The matching accuracy of the three algorithms showed an increasing trend, mainly due to the longer the pattern string, the more feature data is compared. The matching accuracy of the AC algorithm was 99.4% when the length was 4 bytes, and 99.8% when the length was 20 bytes. The AC-BM algorithm had a matching accuracy of 99.2% when the length was 4 bytes, and 99.8% when the length was 20 bytes. The AC-SUNDAY algorithm studied in this article had a matching accuracy of 99.5% at a length of 4 bytes and 99.9% at a length of 20 bytes. Therefore, NIDS using the AC-SUNDAY algorithm can improve matching accuracy under a fixed number of patterns.

4.4 Fixed pattern length matching accuracy

When analyzing the matching accuracy of different multi pattern matching algorithms, it is necessary to consider the fixed pattern length. This article set the length of the pattern string to 8 bytes. The comparison results of matching accuracy for fixed pattern lengths are illustrated in Fig. 6.

In Fig. 6, the matching accuracy of a fixed pattern length is described. The matching accuracy of the three algorithms was not significantly different. The matching accuracy of the three algorithms showed a decreasing trend. The AC-SUNDAY algorithm studied in this article had a matching accuracy of 99.7% when the number of patterns was 4, and 99.1% when the number of patterns was 20. The AC-SUNDAY algorithm has better matching accuracy under different number of patterns, which can improve the effectiveness of intrusion detection.

5. Conclusions

As Internet technology develops, the network plays a very important role in people’s lives. The network involves all aspects of people’s lives, and network attacks occur frequently, causing great harm to the development of society. The foundation for cracking down on network attacks and ensuring network security is intrusion detection. This article designed a NIDS that utilized pattern matching to filter data packets. This article embedded IDS into computer chips and analyzed the performance of different multi pattern matching algorithms. This article conducted experimental analysis on the AC algorithm, AC-BM algorithm, and AC-SUNDAY algorithm, and compared them in three aspects: matching time, memory consumption, and matching accuracy. The experimental outcomes showed that the AC-SUNDAY algorithm can shorten matching time, reduce memory consumption, and improve matching accuracy. The combination of AC algorithm and SUNDAY algorithm has performed a significant skip search in the process of intrusion diagnosis matching, improving the effectiveness of network intrusion detection. However, the multi pattern matching algorithm analyzed in this article is not comprehensive enough. Comparing more multi pattern matching algorithms would be the direction of future research.

References

Guo

Wei

Zhang

. A risk analysis framework for social engineering attack based on user profiling. Journal of Organizational and End User Computing (JOEUC). 2020; 32(3): 37-49. doi: 10.4018/JOEUC.2020070104.

Mohammadpour

Teck

Chee

Chun

. A convolutional neural network for network intrusion detection system. Proceedings of the Asia-Pacific Advanced Network. 2018; 46(0): 50-55.

Gurung

Mirnal

Aroj

. Deep learning approach on network intrusion detection system using NSL-KDD dataset. International Journal of Computer Network and Information Security. 2019; 11(3): 8-14.

Elrawy

Ali

Hesham

FAH

. Intrusion detection systems for IoT-based smart environments: A survey. Journal of Cloud Computing. 2018; 7(1): 1-20.

Verma

Virender

. On evaluation of network intrusion detection systems: Statistical analysis of CIDDS-001 dataset using machine learning techniques. Pertanika Journal of Science & Technology. 2018; 26(3): 1307-1332.

Apruzzese

Mauro

Luca

Mirco

. Modeling realistic adversarial attacks against network intrusion detection systems. Digital Threats: Research and Practice (DTRAP). 2022; 3(3): 1-19.

Roshan

Yoan

Anton

Amaury

. Adaptive and online network intrusion detection system using clustering and extreme learning machines. Journal of the Franklin Institute. 2018; 355(4): 1752-1779.

Naseer

Yasir

. Enhanced network intrusion detection using deep convolutional neural networks. KSII Transactions on Internet and Information Systems (TIIS). 2018; 12(10): 5159-5178.

Khraisat

Iqbal

Peter

Joarder

. Survey of intrusion detection systems: Techniques, datasets and challenges. Cybersecurity. 2019; 2(1): 1-22.

10.

Wang

. Research on application of artificial intelligence in computer network technology. International Journal of Pattern Recognition and Artificial Intelligence. 2019; 33(5): 1959015.

11.

Zaripova

. Network security issues and effective protection against network attacks. International Journal on Integrated Education. 2021; 4(2): 79-85.

12.

Jain

Somya

Jyoti

. Online social networks security and privacy: Comprehensive review and analysis. Complex & Intelligent Systems. 2021; 7(5): 2157-2177.

13.

Mishra

Vijay

Uday

Emmanuel

. A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Communications Surveys & Tutorials. 2018; 21(1): 686-728.

14.

Tidjon

Marc

Amel

. Intrusion detection systems: A cross-domain overview. IEEE Communications Surveys & Tutorials. 2019; 21(4): 3639-3681.

15.

Panigrahi

Samarjeet

. A detailed analysis of CICIDS2017 dataset for designing intrusion detection systems. International Journal of Engineering & Technology. 2018; 7.3(24): 479-482.

16.

Sharafaldin

Amirhossein

Arash

Ali

. Towards a reliable intrusion detection benchmark dataset. Software Networking. 2018; 2018(1): 177-200.

17.

Chayapathi

. Analysis of pattern matching algorithms used for searching the patterns in mlir framework. Turkish Journal of Computer and Mathematics Education (TURCOMAT). 2021; 12(7): 738-748.

18.

Rashmi

Kumar

. Parallel processing approach for pattern matching using MPI. International Journal of Computer Applications. 2018; 180(11): 31-34.

19.

Nunes

LSN

Jacir

Yasuaki

ITO

Koji

. A rabin-karp implementation for handling multiple pattern-matching on the GPU. IEICE TRANSACTIONS on Information and Systems. 2020; 103(12): 2412-2420.

20.

Rasool

Gulfishan

Raju

Nilay

. Efficient multiple pattern matching algorithm based on BMH: MP-BMH. Int. Arab J. Inf. Technol. 2019; 16(6): 1121-1130.