Network traffic analysis optimization for signature-based intrusion detection systemsстатья

Дата последнего поиска статьи во внешних источниках: 29 мая 2015 г.

Работа с статьей


[1] Kazachkin D. S., Gamayunov D. Y. Network traffic analysis optimization for signature-based intrusion detection systems // Proceedings of the 2nd Spring Young Researchers' Colloquium on Software Engineering (SYRCoSE 2008). — Vol. 1. — Institute for System Programming of the Russian Academy of Sciences (ISPRAS) Moscow, Russia, 2008. — P. 27–31. In this paper we propose a method for signature matching optimization in the field of intrusion detection and prevention. Signature matching algorithm performance is one of the key factors in the overall quality of the IDS/IPS, especially in high-speed networks. Optimization method proposed in this paper relies on semantics of the signature matching task, typical for such systems as Snort. The method minimizes the number of patterns called by the detection system for each network packet, reducing the time of its processing.

Публикация в формате сохранить в файл сохранить в файл сохранить в файл сохранить в файл сохранить в файл сохранить в файл скрыть