Rule Indexing for Efficient Intrusion Detection Systems

机译：高效入侵检测系统的规则索引

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

As the use of the Internet has increased tremendously, the network traffic involved in malicious activities has also grown significantly. To detect and classify such malicious activities, Snort, the open-sourced network intru sion detection system, is widely used. Snort examines incoming packets with all Snort rules to detect potential malicious packets. Because the portion of mali cious packets is usually small, it is not efficient to examine incoming packets with all Snort rules. In this paper, we apply two indexing methods to Snort rules, Prefix Indexing and Random Indexing, to reduce the number of rules to be examined. We also present experimental results with the indexing methods.

机译：随着Internet的使用急剧增加，恶意活动所涉及的网络流量也大大增加。为了检测和分类此类恶意活动，广泛使用开放源代码网络入侵检测系统Snort。 Snort使用所有Snort规则检查传入的数据包，以检测潜在的恶意数据包。由于恶意数据包的部分通常很小，因此使用所有Snort规则检查传入数据包效率不高。在本文中，我们将两种索引方法应用于Snort规则，即前缀索引和随机索引，以减少要检查的规则数量。我们还介绍了索引方法的实验结果。

著录项

来源
《Information security applications.》|2011年|p.136-141|共6页
会议地点 Jeju Island(KR);Jeju Island(KR)
作者
Boojoong Kang; Hye Seon Kim; Ji Su Yang; Eul Gyu Im;
展开▼
作者单位

Department of Electronics and Computer Engineering, Hanyang University, Seoul, 133-791, Korea;

Department of Electronics and Computer Engineering, Hanyang University, Seoul, 133-791, Korea;

Department of Electronics and Computer Engineering, Hanyang University, Seoul, 133-791, Korea;

Division of Computer Science and Engineering,Hanyang University, Seoul, 133-791, Korea;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;安全保密;
关键词
network security; indexing; pattern matching; intrusion detection system; snort;

机译：网络安全;索引模式匹配;入侵侦测系统; ort;
入库时间 2022-08-26 14:07:16

相似文献

外文文献
中文文献
专利

1. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining [J] . Nattawat Khamphakdee, Nunnapus Benjamas, Saiyan Saiyod Journal of ICT Research and Applications . 2015,第3期

机译：利用数据挖掘的关联规则技术改进基于Snort规则的网络探针攻击检测入侵检测系统
2. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining [J] . Nattawat Khamphakdee, Nunnapus Benjamas, Saiyan Saiyod ITB Journal of Information and Communication Technology . 2015,第3期

机译：利用数据挖掘的关联规则技术改进基于Snort规则的网络探针攻击检测入侵检测系统
3. A Rule Status Monitoring Algorithm for Rule-Based Intrusion Detection and Prevention Systems [J] . Claude Turner, Rolston Jeremiah, Dwight Richards, Procedia Computer Science . 2016,第1期

机译：基于规则的入侵检测与防御系统的规则状态监控算法
4. Balanced Indexing Method for Efficient Intrusion Detection Systems [C] . BooJoong Kang, Hye Seon Kim, Ji Su Yang, International conference on information security and cryptology . 2013

机译：高效入侵检测系统的平衡索引方法
5. Association rule based data mining approaches for Web Cache Maintenance and adaptive Intrusion Detection systems. [D] . Mohan, Sujaa Rani. 2005

机译：Web缓存维护和自适应入侵检测系统的基于关联规则的数据挖掘方法。
6. Integrating Software Engineering Processes in the Development of Efficient Intrusion Detection Systems in Wireless Sensor Networks [O] . Iman Almomani, Afnan Alromi 2020

机译：在无线传感器网络中高效的入侵检测系统开发中集成软件工程流程
7. Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems [O] . Shyu Mei-Ling, Huang Zifang, Luo Hongli Ph.D. 2009

机译：网络入侵检测系统的顺序入侵模式的高效挖掘和检测

Rule Indexing for Efficient Intrusion Detection Systems

摘要

著录项

相似文献

相关主题

期刊订阅