The International Arab Journal of Information Technology (IAJIT)

..............................
..............................
..............................


Parallel Scalable Approximate Matching Algorithm for Network Intrusion Detection Systems

Matching algorithms are working to find the exact or the approximate matching between text “T” and pattern “P”, due to the development of a computer processor, which currently contains a set of multi-cores, multitasks can be performed simultaneously. This technology makes these algorithms work in parallel to improve their speed matching performance. Several exact string matching and approximate matching algorithms have been developed to work in parallel to find the correspondence between text “T” and pattern “P”. This paper proposed two models: First, parallelized the Direct Matching Algorithm (PDMA) in multi-cores architecture using OpenMP technology. Second, the PDMA implemented in Network Intrusion Detection Systems (NIDS) to enhance the speed of the NIDS detection engine. The PDMA can be achieved more than 19.7% in parallel processing time compared with sequential matching processing. In addition, the performance of the NIDS detection engine improved for more than 8% compared to the current SNORT-NIDS detection engine.


[1] Abu-Alhaj M., Abu-Hashem M., Hnaif A, Abouabdalla1 O., Halaiyqah M., and Manasrah A., “An Innovative Platform to Improve the Performance of Exact String-Matching Algorithms,” International Journal of Computer Science and Information Security, vol. 7, no. 1, pp. 225-227, 2010.

[2] Ashraf S., Aslam Z., Yahya A., and Tahir A., “Underwater Routing Protocols: Analysis of Intrepid Link Selection Mechanism, Challenges and Strategies,” International Journal of Scientific Research in Computer Science and Engineering, vol. 8, no. 2, pp. 1-9, 2020.

[3] Berman K. and Paul J., Algorithms: Sequential, Parallel, and Distributed, Thomson/Course Technology, 2005.

[4] Brakensiek J. and Rubinstein A., “Constant Factor Approximation of Near-Linear Edit Distance in Near-Linear Time,” arXiv:1904.05390v2, pp. 1-40, 2019.

[5] Charras C. and Lecroq T., “http://www-igm.univ- mlv.fr/~lecroq/string/,” Last Visited, 2020.

[6] Goldenberg E., Krauthgamer R., and Saha B., “Sublinear Algorithms for Gap Edit Distance,” in Proceedings of IEEE 60th Annual Symposium on Foundations of Computer Science, Baltimore, pp. 1101-1120, 2019.

[7] Hlayel A. and Hnaif A., “A New Exact Pattern Matching Algorithm (WEMA),” Journal of Applied Science, vol. 14, no. 2, pp. 193-196, 2014.

[8] Hlayel A. and Hnaif A., “An Algorithm to Improve the Performance of String Matching,” Journal of Information Science, vol. 40, no. 3, pp. 357-362, 2014.

[9] Hnaif A., “A New Platform NIDS Based on WEMA,” International Journal of Information Technology and Computer Science, vol. 7, no. 6, pp. 52-58, 2015.

[10] Hnaif A., Aldahoud A., Alia A., Al’otoum I., and Nazzal D., “Multiprocessing Scalable String Matching Algorithm for Network Intrusion Detection System,” International Journal of High Performance Systems Architecture, vol. 8, no. 3, pp. 159-168, 2019.

[11] Hnaif A., Mohammad A., Abouabdalla O., Ramadass S., and Kadhum M., “Parallel Quick Search Algorithm to Speed Packet Payload Filtering in NIDS,” Journal of Engineering Science and Technology, vol. 4, no. 2, pp. 220- 230, 2009.

[12] Jaber K., Alia O., and Shuaib., “M P-HS-SFM: A Parallel Harmony Search Algorithm for the Reproduction of Experimental Data in the Continuous Microscopic Crowd Dynamic Models,” Journal of Experimental and Theoretical Artificial Intelligence, vol. 30, no. 2, pp. 235-255, 2018.

[13] Jaber K., Dyala R., Al-Sanhani A., and Hamad N., “A Framework for Parallel Boyer-Moore- Quick Search Algorithm (P-BM-QS),” in Proceedings of 30th IBIMA Conference, Madrid, pp. 1623-1628, 2017.

[14] Jyothsna V., Prasad V., and Prasad K., “A Review of Anomaly-Based Intrusion Detection Systems,” International Journal of Computer Applications, vol. 28, no. 7, pp. 26-35, 2011.

[15] Magán-Carrión R., Urda D., Díaz-Cano I., and Dorronsoro B., “Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches,” Applied Sciences, vol. 10, no. 5, 2020.

[16] Mighan S. and Kahani M., “A Novel Scalable Intrusion Detection System Based on Deep Learning,” International Journal of Information Security, pp. 1-17, 2020.

[17] Navarro G. and Fredriksson K., “Average Complexity of Exact and Approximate Multiple String Matching,” Theoretical Computer Science 321, vol. 321, no. 2-3, pp. 283-290, 2004.

[18] Raju S. and Vinayababu A., “Optimal Parallel Algorithm for String Matching on Mesh Network Structure,” International Journal of Applied Mathematical Sciences, vol. 3, no. 2, pp. 167-175, 2006. 84 The International Arab Journal of Information Technology, Vol. 18, No. 1, January 2021

[19] Raju S. and Vinaya A., “Parallel Algorithms for String Matching Problem on Single and Two Dimensional Reconfigurable Pipelined Bus Systems,” Journal of Computer Science, vol. 3, no. 9, pp. 754-759, 2007.

[20] Sundararajan R. and Arumugam U., “FBMT: Fuzzy Based Merkle Technique for Detecting and Mitigating Malicious Nodes in Sensor Networks,” The International Arab Journal of Information Technology, vol. 16, no. 6, pp. 1106-1113, 2019.

[21] Tabash M., Abd Allah M., and Tawfik B., “Intrusion Detection Model Using Naive Bayes and Deep Learning Technique,” The International Arab Journal of Information Technology, vol. 17, no. 2, pp. 215-224, 2020.

[22] You J., Park S., and Kim I., “An Efficient Frequent Melody Indexing Method to Improve the Performance of Query-By-Humming Systems,” Journal of Information Science, vol. 34, no. 6, pp. 777-798, 2008. Adnan Hnaif is an associate professor at the computer science department, Faculty of Science and information technology, Al Zaytoonah University of Jordan. Dr. Hnaif received his Ph.D. degree in Computer Science from University Sains Malaysia-National Advanced IPv6 Centre and Excellence (NAV6) in 2010. He received his MSc degree in Computer Science from the Department of Computer Science in 2003, and obtained his Bachelor's degree in Computer Science from the Department of Computer Science, in 1999/2000. His researches focus on computer networks and communications, wireless sensor networks, network security, parallel processing, and algorithms. Khalid Jaber is an Associate Professor of Computer Science at the Faculty of Science and Information Technology at the Al-Zaytoonah University of Jordan, director of the E-learning and Open Educational Resource Center, and IEEE Jordan section treasurer since September 2015. He received his B.Sc. degree in Computer Science from Al-Isra University, Amman, Jordan in, 2005. Furthermore, he obtained his M.Sc. and Ph.D. degrees in Computer Science from the Universiti Sains Malaysia, Penang, Malaysia, in 2007 and 2011, respectively. Dr. Jaber's research interest focuses on data representation and the associated algorithms and parallel programming. Mohammad Alia is the dean of Scientific Research at Al Zaytoonah University of Jordan (ZUJ). He is a professor at the computer information systems department, Faculty of Science Computer and information technology ZUJ. He received the B.Sc. degree in Science from the Al Zaytoonah University, Jordan, in 2000. He obtained his Ph.D. degree in Computer Science from the University Science of Malaysia, in 2008. During 2000 until 2004, he worked at Al-Zaytoonah University of Jordan as an instructor of Computer Sciences and Information Technology. Then, he worked as a lecturer at Al-Quds University in Saudi Arabia from 2004 - 2005. His research interests are in the field of Cryptography and Network security. Mohammed Daghbosheh is an Assistant Professor of Comp uter Information System at the Faculty of Science and Information Technology -Irbid National University of Jordan. He received his B.Sc. degree in Computer Science from Al-Zaytonneh University, Amman, Jordan in, 2000. Furthermore, he obtained his M.Sc. degrees in Information Technology in 20003, and Ph.D. degrees in Computer Information System from the University of Arab Academy for Banking and Financial Sciences 2012. Dr. Daghbosheh research interest focuses on data security and artificial intelligence