Abstract | ||
---|---|---|
Snort is the most popular Intrusion Detection Systems (IDS). It will generate alert messages when an arrival packet matches some of the pre-defined rules. Snort has some problems as follows: it tries the matching for all of the rules even when the packet never matches some rules in case of matching some other rules, and it provides contradictory and redundant alert messages when a set of erroneous and poorly-organized rules is given. This paper proposes a method for characterizing relations between Snort rules towards the solutions for the above problems. The proposed method calculates topological relations between Snort rules based on a set theory. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1109/CANDAR.2014.58 | CANDAR |
Keywords | Field | DocType |
intrusion detection system,ids,set theory,snort rules,set-based calculation,snort rul,topological relation characterization,security of data | Set theory,Data mining,Topology,Computer science,Network packet,Theoretical computer science,Intrusion detection system | Conference |
Citations | PageRank | References |
1 | 0.48 | 0 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Yi Yin | 1 | 15 | 2.55 |
Yun Wang | 2 | 8 | 3.00 |
Naohisa Takahashi | 3 | 1 | 0.48 |