On the fly pattern matching for intrusion detection with Snort

Cited by: 0
Authors
Abbes, T
Bouhoula, A
Rusinowitch, M
Affiliations
[1] INRIA Lorraine, LORIA, F-54602 Villers Les Nancy, France
[2] Ecole Super Commun Tunis, Ariana 2083, Tunisia
Keywords
computer security; local area network; intruder detector; filtering; protection; packet transmission;
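DOI
Not available
Chinese Library Classification number
TN [Electronic technology, communication technology];
Discipline classification code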
0809 ;
Abstract
Intrusion Detection Systems are becoming necessary tools for system administrators to protect their network. However, they find more and more difficulties with high speed networks. To enhance their capacity and deal with evasion techniques, frequently used by hackers, we have introduced a new method to filter the network traffic. The detection method, while being stateful, processes each packet as soon as it is received. We have employed this strategy after a new classification of detection rules. Then, we have used efficient multisearch methods and suitable data structure for signatures. The method has been successfully implemented as an extension of the Intrusion Detection System "Snort".
Pages: 1045 - 1071
Number of pages: 27
Related papers
50 in total
  • [1] Building intrusion pattern miner for Snort network intrusion detection system
    Wuu, Lih-Chyau
    Hung, Chi-Hsiang
    Chen, Sout-Fong
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2007, 80 (10) : 1699 - 1715
  • [2] Building intrusion pattern miner for snort network intrusion detection system
    Wuu, LC
    Chen, SF
    [J]. 37TH ANNUAL 2003 INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGS, 2003, : 477 - 484
  • [3] On the fly pattern matching for intrusion detection with Snort / Filtrage de Paquets à la Volée pour la Détection D’Intrusions avec Snort
    Tarek Abbes
    Adel Bouhoula
    Michael Rusinowitch
    [J]. Annales des Télécommunications, 2004, 59 (9-10) : 1045 - 1071
  • [4] Towards faster string matching for intrusion detection or exceeding the speed of snort
    Coit, CJ
    Staniford, S
    McAlerney, J
    [J]. DISCEX'01: DARPA INFORMATION SURVIVABILITY CONFERENCE & EXPOSITION II, VOL I, PROCEEDINGS, 2001, : 367 - 373
  • [5] Research of pattern matching in intrusion detection
    Huang, JC
    Tian, JF
    Du, RZ
    Zhai, JQ
    [J]. 2003 INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS, VOLS 1-5, PROCEEDINGS, 2003, : 1877 - 1882
  • [6] Robust and Fast Pattern Matching for Intrusion Detection
    Namjoshi, Kedar
    Narlikar, Girija
    [J]. 2010 PROCEEDINGS IEEE INFOCOM, 2010,
  • [7] An Effective Pattern Matching Algorithm for Intrusion Detection
    Zhang, Qing-Qing
    Zhang, Qian
    Feng, Yue-jiang
    [J]. MECHATRONICS ENGINEERING, COMPUTING AND INFORMATION TECHNOLOGY, 2014, 556-562 : 3010 - +
  • [8] IMPROVEMENT OF ALGORITHM FOR PATTERN MATCHING IN INTRUSION DETECTION
    Zhao, Dongcan
    Zhu, Xiaomin
    Xu, Tong
    [J]. 2013 5TH IEEE INTERNATIONAL CONFERENCE ON BROADBAND NETWORK & MULTIMEDIA TECHNOLOGY (IC-BNMT), 2013, : 281 - 284
  • [9] Hybrid pattern matching for trusted intrusion detection
    Soewito, Benfano
    Vespa, Lucas
    Weng, Ning
    Wang, Haibo
    [J]. SECURITY AND COMMUNICATION NETWORKS, 2011, 4 (01) : 33 - 43
  • [10] Improved Algorithm of pattern matching for Intrusion Detection
    Liu Zhen
    Xu Su
    Zhang Jue
    [J]. MINES 2009: FIRST INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY, VOL 2, PROCEEDINGS, 2009, : 446 - 449