%0 Journal Article
%T Study of Intrusion Detection Based on Binary Tree Data Structure
%A JI Xiang-min (纪祥敏)
%A DAI Ying-xi (戴英侠)
%A LIAN Yi-feng (连一峰)
%A LIU Qing-pu (刘青普)
%J 计算机应用研究 (Application Research of Computers)
%D 2005
%I
%X In this paper, a binary tree structure replaces the linked list structure used in traditional IDS, aiming to store rules better and improve pattern matching so as to speed up intrusion detection. After briefly analyzing the rule structure of Snort, this paper describes in detail the design of the binary tree, based on the idea of rule clustering. Meanwhile, the most discriminating features are dynamically selected at each node and tested in parallel by adopting the C4.5 algorithm, for the sake of performance optimization. Last but not least, in order to reduce redundant comparisons and ineffective matching as far as possible, a new string matching algorithm called Int Match, a fast multiple matching algorithm using number operations, is used to significantly advance pattern matching and accelerate rule access.
%K Binary Tree Structure
%K Rules Clustering
%K Matching Algorithm
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=A9D9BE08CDC44144BE8B5685705D3AED&aid=D524A828B0FD98DF&yid=2DD7160C83D0ACED&vid=BC12EA701C895178&iid=5D311CA918CA9A03&sid=BB0EA31DB1B01173&eid=6700D0D256586E73&journal_id=1001-3695&journal_name=计算机应用研究&referenced_num=2&reference_num=7