Abstract: The crucial factor of the IDS （Intrusion Detection System） is whether the attack signature is accurate.With the unceasing development of the technology of polymorphic worm，how to generate the signature of polymorphic worm speedily and effectively is very important in the research area of the signature generation in IDS.This paper presents a signature generation algorithm based on pattern.The signature is the longest common subsequence generated by sequence comparison of several suspicious polymorphic worm flows，and represented in two vector styles.The new incoming polymorphic worm flows is detected by the signature vector and similarity metric.From the similarity metric in false positive and false negative，the experimental results show that this method can achieve high detection performance.