An automatic scheme to construct Snort rules from honeypots data

Li Xiaoyong; Liu Dongxi

首页> 外文期刊>系统工程与电子技术（英文版） >An automatic scheme to construct Snort rules from honeypots data

【24h】

An automatic scheme to construct Snort rules from honeypots data

机译：从蜜罐数据构造Snort规则的自动方案

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

页面导航

摘要
著录项
相关主题

摘要

A scheme to construct signatures automatically for Snort from the data captured by honeypots is presented.With this scheme intrusion detection systems can be quickly updated to detect new intrusions soon when happen. The idea is based on the observation that any traffic to and from honeypots represents abnormal activities, so data patterns extracted from these packets can be used by misuse detection system to identify new attacks. The algorithm of constructing rules is discussed. Experiment illustrates the effectiveness of the scheme.

机译：提出了一种从蜜罐捕获的数据中自动为Snort构造签名的方案，利用该方案可以快速更新入侵检测系统，以在发生新入侵时立即检测到新入侵。该想法基于以下观察：往返蜜罐的任何流量都代表异常活动，因此滥用检测系统可以使用从这些数据包中提取的数据模式来识别新的攻击。讨论了规则构造算法。实验说明了该方案的有效性。

著录项

来源
《系统工程与电子技术（英文版）》 |2005年第2期|466-470|共5页
作者
Li Xiaoyong; Liu Dongxi;
展开▼
作者单位

Department of Computer Science and Engineering, Shanghai Jiaotong University, Shanghai 200030, P. R. China;

School of Computing, National University of Singapore, Singapore 119260, Singapore;

展开▼
收录信息
原文格式 PDF
正文语种 chi
中图分类自动化技术及设备;
关键词
signature constructing; intrusion detection; Snort; honeypot;

机译：签名构建;入侵检测;鼻塞;蜜罐;
入库时间 2022-08-17 13:04:52

An automatic scheme to construct Snort rules from honeypots data

摘要

著录项

相关主题

期刊订阅