Performance Improvement in Signature Detection Engine Using Dual Algorithms
This paper presents a novel idea of dual algorithms in Signature Detection Engines, which can be thought of as anti-virus scanners for network traffic. A Signature Detection Engine inspects incoming packets for known intrusion-related signatures or anomalies related to Internet protocols. Based upon a set of signatures and rules, the detection system is able to find and log suspicious activity and generate alerts. The authors' engine has been implemented using the Knuth-Morris-Pratt and Boyer-Moore algorithms, and one can switch between the two depending on the extent of vulnerability of the network. The paper also includes a comparison of both algorithms with other existing string matching algorithms.
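As an added illustration of the dual-algorithm idea (this is not the authors' code), the sketch below scans a payload for byte signatures with either Knuth-Morris-Pratt or a simplified Boyer-Moore that uses only the bad-character rule. The `algorithm` switch, the signature names and the sample payload are assumptions constructed for this example; the paper's own criterion for switching is not reproduced here.

```python
# Added illustration; the algorithm switch and sample data are assumptions.
def kmp_find(text: bytes, pat: bytes) -> list:
    """Knuth-Morris-Pratt: all offsets where pat occurs in text."""
    if not pat:
        return []
    fail, k = [0] * len(pat), 0      # fail[i]: longest border of pat[:i+1]
    for i in range(1, len(pat)):
        while k and pat[i] != pat[k]:
            k = fail[k - 1]
        if pat[i] == pat[k]:
            k += 1
        fail[i] = k
    hits, k = [], 0
    for i, byte in enumerate(text):
        while k and byte != pat[k]:
            k = fail[k - 1]
        if byte == pat[k]:
            k += 1
        if k == len(pat):            # full match ending at offset i
            hits.append(i - k + 1)
            k = fail[k - 1]
    return hits

def bm_find(text: bytes, pat: bytes) -> list:
    """Boyer-Moore, bad-character rule only (good-suffix rule omitted)."""
    if not pat:
        return []
    last = {b: i for i, b in enumerate(pat)}   # rightmost index of each byte
    hits, s, m = [], 0, len(pat)
    while s <= len(text) - m:
        j = m - 1
        while j >= 0 and pat[j] == text[s + j]:  # compare right to left
            j -= 1
        if j < 0:
            hits.append(s)
            s += 1
        else:
            s += max(1, j - last.get(text[s + j], -1))
    return hits

MATCHERS = {"kmp": kmp_find, "bm": bm_find}
def scan(payload: bytes, signatures: dict, algorithm: str = "bm") -> list:
    """Return sorted (offset, signature_name) alerts from the chosen matcher."""
    find = MATCHERS[algorithm]
    return sorted((o, n) for n, p in signatures.items() for o in find(payload, p))

# Constructed sample input, not taken from the paper.
SAMPLE = b"GET /index.php?id=1 UNION SELECT pass FROM users HTTP/1.1"
SIGS = {"sqli-union": b"UNION SELECT", "php-script": b".php"}
```

Both matchers must report identical offsets for the same input; they differ only in how many byte comparisons they spend getting there.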