Your Search Results

Use this resource - and many more! - in your textbook!

AcademicPub holds over eight million pieces of educational content for you to mix-and-match your way.

Experience the freedom of customizing your course pack with AcademicPub!
Not an educator but still interested in using this content? No problem! Visit our provider's page to contact the publisher and get permission directly.

Priority-based high-speed intelligent rule-checking

By: Gopalan, S.; Shah, M.; Sachidananda, S.; Varadarajan, S.;

2006 / IEEE / 89-5519-129-4


This item was taken from the IEEE Conference ' Priority-based high-speed intelligent rule-checking ' Snort rule-checking is one of the most popular forms of network intrusion detection systems (NIDS). Recent work in string matching has focused on offloading string matching to hardware realizations in order to achieve time and space efficiencies. However, any form of implementation would have to maintain a threshold performance in order to keep with the packet data rate. While trying to maintain this threshold, control-unit is forced to either drop some packets or some rules. In this work, we present a packet priority technique that prioritizes the packets such that there is a high probability that the potentially malicious packets are detected within the threshold limit. We also present a novel intelligent string arrangement (ISA) that enables complete packet scanning in a smart and time efficient manner.