Focus Shifts to Hybrid Solutions for Pattern Matching.DUBLIN, Ireland -- Research and Markets (http://www.researchandmarkets.com/reports/c46331) has announced the addition of "Pattern Recognition (Technical Insights)" to their offering. A detailed technological assessment of the emerging pattern matching 1. pattern matching - A function is defined to take arguments of a particular type, form or value. When applying the function to its actual arguments it is necessary to match the type, form or value of the actual arguments against the formal arguments in some definition. techniques/algorithms and products pertaining to network intrusion detection See IDS and IPS. and network security applications, from around the globe. This Frost & Sullivan research service entitled Pattern Recognition provides a technological assessment of the emerging pattern matching techniques/algorithms and products pertaining to network intrusion detection and network security applications, with an insight into the future of these technologies. In this research service, Frost & Sullivans expert analysts thoroughly examine pattern recognition in implementation for network security and related algorithmic developments for intrusion detection. Technologies The following technologies are covered in this research: * Behaviour Analysis * Intrusion Detection * Content Filtering See Web filtering and parental control software. Technology Overview Importance of Network Security Drives Innovation in Pattern Recognition Pattern matching algorithms for network security have been in development for many years. Network security is extremely important in modern-day communications systems and is likely to be a key driver for sustained innovation in the pattern recognition industry. Today, researchers are focusing on developing advanced matching techniques that support regular expressions, long signatures, IPv6, and so on, with faster throughput and have developed many coprocessors to enable this. The drive to develop advanced pattern recognition techniques has also generated considerable interest in designing a mechanism to perform pattern matching by using only the longest prefix matching Longest prefix match refers to an algorithm used by routers in Internet Protocol (IP) networking to select an entry from a routing table. Because each entry in a routing table may specify a network, one destination address may match more than one routing table entry. (LPM (Lines Per Minute) The number of lines a printer can print or a scanner can scan in a minute. lpm - lines per minute ) operations. In this way security switches based on the current Layer-3 switches hardware platforms Each hardware platform, or CPU family, has a unique machine language. All software presented to the computer for execution must be in the binary coded machine language of that CPU. Following is a list of the major hardware platforms in existence today. See platform. can be designed. The trend in network security is to develop technologies for network access control (NAC See network access control. ) as most attacks are being launched from inside the network, notes the analyst of this research service. Therefore, these security switches are likely to become increasingly important in the years to come. High-speed pattern matching algorithms (>10 Gbps) are also extremely important for NAC. As far as complex combination pattern matching is concerned, there have been significant advances in the literal or classification areas, as seen in the growing shift from Non-deterministic Finite Automata-Perl Compatible Regular Expressions (NFA-PCRE)-based approaches to combination-oriented Deterministic Finite Automata Finite Automata - Finite State Machine (DFA DFA - Deterministic Finite-state Automaton. See Finite State Machine. ) approaches. In future, most solutions for pattern matching in the intrusion detection, antivirus, and anti-spam areas are expected to be based on DFA-based approaches. Focus Shifts to Hybrid Solutions for Pattern Matching The move from the traditional NFA-PCRE-based approach to DFA is to shift the focus to use both hardware and software implementations for intrusion detection and thereby, overcome the limitations of each. Conventional intrusion detection systems This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. face various problems, which provide ample opportunities to develop more efficient hybrid solutions. The development of these solutions is to integrate both static methods of detection such as pattern matching and information on the dynamic state of the system such as users, behavioral profiles generated by audit logs and so on. The shift toward more hybrid solutions in the pattern recognition industry is because pattern matching is not very evolved as a detection methodology, and any slight changes in the attack pattern in networks are capable of causing technique failure. This explains why the network security industry is shifting toward a combination-oriented pattern matching solution such as DFA that combines heuristics, pattern matching, content analysis, protocol analysis, and anomaly detection An approach to intrusion detection that establishes a baseline model of behavior for users and components in a computer system or network. Deviations from the baseline cause alerts that direct the attention of human operators to the anomalies. See IDS and anomaly. , says the analyst. The DFA is a kind of sub-element in the classification of an intrusion or a virus signature. For more information visit http://www.researchandmarkets.com/reports/c46331 |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion