Improvement on rules matching algorithm of snort based on dynamic adjustment

Author

Zhao, Kuo ; Chu, Jianfeng ; Che, Xilong ; Lin, Lin ; Hu, Liang

Author_Institution

Dept. of Comput. Sci. & Technol., Jilin Univ., Changchun

fYear

2008

Firstpage

285

Lastpage

287

Abstract

With the increasing network security accidents, intrusion detection systems (IDS) have been an indispensable part of information system. As a popular light network intrusion detection system, Snort has been a focus in research field. In this paper, dynamic adjustment algorithm is applied to the improvement of rule matching based on the analysis of original mechanism of Snort. Additionally, further optimization is discussed against the problem of simple dynamic adjustment, and improved two step dynamic rule adjustment algorithm is provided. Experiment results show that this method increases the speed of rules matching and improve the detection efficiency of Snort.

Keywords

information systems; optimisation; public domain software; security of data; dynamic adjustment; information system; intrusion detection systems; network security; optimization; rules matching; snort; Algorithm design and analysis; Application software; Computer hacking; Heuristic algorithms; IP networks; Information security; Internet; Intrusion detection; Protocols; Telecommunication traffic; algorithm; dynamic adjustment; rules matching;

fLanguage

English

Publisher

ieee

Conference_Titel

Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on

Conference_Location

Guiyang

Print_ISBN

978-1-4244-2584-6

Electronic_ISBN

978-1-4244-2585-3

Type

conf

DOI

10.1109/IWASID.2008.4688401

Filename

4688401