Rule indexing for efficient intrusion detection systems

Title
Rule indexing for efficient intrusion detection systems
Author
임을규
Keywords
indexing; intrusion detection system; Network security; pattern matching; Snort
Issue Date
2012-06
Publisher
Elsevier Science B.V
Citation
Lecture Notes in Computer Science, 2012, 7115, P.136-141
Abstract
As the use of the Internet has increased tremendously, the network traffic involved in malicious activities has also grown significantly. To detect and classify such malicious activities, Snort, the open-sourced network intrusion detection system, is widely used. Snort examines incoming packets with all Snort rules to detect potential malicious packets. Because the portion of malicious packets is usually small, it is not efficient to examine incoming packets with all Snort rules. In this paper, we apply two indexing methods to Snort rules, Prefix Indexing and Random Indexing, to reduce the number of rules to be examined. We also present experimental results with the indexing methods. © 2012 Springer-Verlag Berlin Heidelberg.
URI
https://link.springer.com/chapter/10.1007%2F978-3-642-27890-7_11
http://hdl.handle.net/20.500.11754/67861
ISBN
978-364227889-1
ISSN
0302-9743
DOI
10.1007/978-3-642-27890-7_11
Appears in Collections:
COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
