首页> 外文会议>Proceedings of the 2015 International Conference on Green Computing and Internet of Things >Performance enhancement of a Malware Detection System using score based prioritization of snort rules

【24h】

Performance enhancement of a Malware Detection System using score based prioritization of snort rules

机译：使用基于分数的snort规则优先级来增强恶意软件检测系统的性能

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Snort is an open source Intrusion Detection System (IDS) that uses a rule-based approach to detect different kinds of malware, online attacks, vulnerabilities, etc. The performance of a Malware Detection System (MDS) deployed in a large network depends on the nature and type of rules stored in its database. As the number and type of attacks are increasing, more number of rules are appended in the MDS database. This increase in the size of rule database itself becomes the bottleneck in the performance of the MDS. This paper proposes a rule scoring based mechanism for prioritizing the snort rules so as to optimize the number of rules in the MDS database. Only those rules are retained in the database whose total score is greater than the computed threshold value. The results show that the performance of MDS has enhanced remarkably.

机译：Snort是一种开源入侵检测系统（IDS），它使用基于规则的方法来检测不同种类的恶意软件，在线攻击，漏洞等。部署在大型网络中的恶意软件检测系统（MDS）的性能取决于存储在其数据库中的规则的性质和类型。随着攻击数量和类型的增加，MDS数据库中会附加更多规则。规则数据库本身大小的增加成为MDS性能的瓶颈。本文提出了一种基于规则评分的机制，用于对snort规则进行优先级排序，从而优化MDS数据库中规则的数量。只有那些规则被保留在数据库中，它们的总得分大于计算出的阈值。结果表明，MDS的性能显着提高。

著录项

来源
《Proceedings of the 2015 International Conference on Green Computing and Internet of Things 》|2015年|1150-1155|共6页
会议地点 Greater Noida(IN)
作者
Pritpal Singh; Sunny Behal; Krishan Kumar;
展开▼
作者单位

Dept. of CSE, SBSSTC, Ferozepur, India;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Alert; Anamoly; False Positive; Intrusion; Malware; Signature;

机译：警报;异常;误报;入侵;恶意软件;签名;

相似文献

外文文献
中文文献
专利

1. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining [J] . Nattawat Khamphakdee, Nunnapus Benjamas, Saiyan Saiyod Journal of ICT Research and Applications . 2015 ,第3期

机译：利用数据挖掘的关联规则技术改进基于Snort规则的网络探针攻击检测入侵检测系统
2. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining [J] . Nattawat Khamphakdee, Nunnapus Benjamas, Saiyan Saiyod ITB Journal of Information and Communication Technology . 2015 ,第3期

机译：利用数据挖掘的关联规则技术改进基于Snort规则的网络探针攻击检测入侵检测系统
3. THE INTRUSION DETECTION PREVENTION SYSTEM AND PERFORMANCE ANALYSIS VIA INTERNET PROTOCOL TELEVISION (IPTV) USING SNORT RULE [J] . Narumol Chumuang, Mahasak Ketcham, Thaweesak Yingthawornsuk Far East Journal of Electronics and Communications . 2018 ,第5期

机译：使用SNORT规则通过Internet协议电视（IPTV）进行入侵检测预防系统和性能分析
4. Performance enhancement of a Malware Detection System using score based prioritization of snort rules [C] . Pritpal Singh, Sunny Behal, Krishan Kumar International Conference on Green Computing and Internet of Things . 2015

机译：使用Snort规则的CAST CAST优先级进行恶意软件检测系统的性能增强
5. Choking under Pressure Detection Model Based on Expert System Foundation Using Tennis Performance Variables for Individual Performance Enhancement [D] . Vancurik, Stepan. 2021

机译：基于专家系统基础的压力检测模型窒息，使用网球性能变量进行单独性能增强
6. Enhancement of Decision Rules to Increase Generalizability and Performance of the Rule-Based System Assessing Risk for Pressure Ulcer [O] . J. Choi, H. Kim 2013

机译：增强决策规则以提高可评估压疮风险的基于规则的系统的通用性和性能
7. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining [O] . Nattawat Khamphakdee, Nunnapus Benjamas, Saiyan Saiyod 2015

机译：利用snort规则改进数据挖掘关联规则检测网络探测攻击检测系统

Performance enhancement of a Malware Detection System using score based prioritization of snort rules

摘要

著录项

相似文献

相关主题

期刊订阅