An Efficient Packet Pre-filtering Algorithm for NIDS

The increasing number of rules used in Network Intrusion Detection System(NIDS) based on pattern matching lead to the performance diminishing. An efficient algorithm(Multi-AC) for Packet Pre-filtering is proposed to improve the performance of Packet Pre-filtering and NIDS. By making Multilevel AC finite automata, it reduces the number of rules that are candidates for a full match. Experiments based on Snort show that the rules’ number can be reduced to 11%-14% by using Multi-AC algorithm.