Use this resource - and many more! - in your textbook!
AcademicPub holds over eight million pieces of educational content for you to mix-and-match your way.
Priority-based high-speed intelligent rule-checking
2006 / IEEE / 89-5519-129-4
This item was taken from the IEEE Conference ' Priority-based high-speed intelligent rule-checking ' Snort rule-checking is one of the most popular forms of network intrusion detection systems (NIDS). Recent work in string matching has focused on offloading string matching to hardware realizations in order to achieve time and space efficiencies. However, any form of implementation would have to maintain a threshold performance in order to keep with the packet data rate. While trying to maintain this threshold, control-unit is forced to either drop some packets or some rules. In this work, we present a packet priority technique that prioritizes the packets such that there is a high probability that the potentially malicious packets are detected within the threshold limit. We also present a novel intelligent string arrangement (ISA) that enables complete packet scanning in a smart and time efficient manner.
Network Intrusion Detection Systems
Offloading String Matching
Packet Priority Technique
Field Programmable Gate Arrays
Intrusion Detection Systems
High-speed Intelligent Rule-checking
Intelligent String Arrangement
Security Of Data