Abstract | ||
---|---|---|
As the use of the Internet has increased tremendously, the network traffic involved in malicious activities has also grown significantly. To detect and classify such malicious activities, Snort, the open-sourced network intrusion detection system, is widely used. Snort examines incoming packets with all Snort rules to detect potential malicious packets. Because the portion of malicious packets is usually small, it is not efficient to examine incoming packets with all Snort rules. In this paper, we apply two indexing methods to Snort rules, Prefix Indexing and Random Indexing, to reduce the number of rules to be examined. We also present experimental results with the indexing methods. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1007/978-3-642-27890-7_11 | WISA |
Keywords | Field | DocType |
indexing method,incoming packet,snort rule,potential malicious packet,efficient intrusion detection system,prefix indexing,network traffic,random indexing,rule indexing,malicious packet,open-sourced network intrusion detection,malicious activity,network security,indexation,intrusion detection system,indexing,pattern matching | Data mining,Random indexing,Computer science,Computer security,Network packet,Network security,Search engine indexing,Prefix,Intrusion detection system,Pattern matching,The Internet | Conference |
Citations | PageRank | References |
1 | 0.38 | 8 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
BooJoong Kang | 1 | 118 | 11.55 |
Hye Seon Kim | 2 | 4 | 1.15 |
Ji Su Yang | 3 | 1 | 0.72 |
Eul Gyu Im | 4 | 175 | 24.80 |