Rule indexing for efficient intrusion detection systems
- Title
- Rule indexing for efficient intrusion detection systems
- Author
- 임을규
- Keywords
- indexing; intrusion detection system; Network security; pattern matching; Snort
- Issue Date
- 2012-06
- Publisher
- Elsevier Science B.V
- Citation
- Lecture Notes in Computer Science, 2012, 7115, P.136-141
- Abstract
- As the use of the Internet has increased tremendously, the network traffic involved in malicious activities has also grown significantly. To detect and classify such malicious activities, Snort, the open-sourced network intrusion detection system, is widely used. Snort examines incoming packets with all Snort rules to detect potential malicious packets. Because the portion of malicious packets is usually small, it is not efficient to examine incoming packets with all Snort rules. In this paper, we apply two indexing methods to Snort rules, Prefix Indexing and Random Indexing, to reduce the number of rules to be examined. We also present experimental results with the indexing methods. © 2012 Springer-Verlag Berlin Heidelberg.
- URI
- https://link.springer.com/chapter/10.1007%2F978-3-642-27890-7_11http://hdl.handle.net/20.500.11754/67861
- ISBN
- 978-364227889-1
- ISSN
- 0302-9743
- DOI
- 10.1007/978-3-642-27890-7_11
- Appears in Collections:
- COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
- Files in This Item:
There are no files associated with this item.
- Export
- RIS (EndNote)
- XLS (Excel)
- XML