In-memory storage and search system for event management in network security

Author

Fan, Yuan ; Su, Xiao

Author_Institution

Dept. of Comput. Eng., San Jose State Univ., CA, USA

Volume

2

fYear

2005

fDate

4-6 April 2005

Firstpage

734

Abstract

The performance of network security applications greatly depends on the amount of network-related events that can be kept in memory. Storing a larger number of events in memory can facilitate tasks like correlation analysis in intrusion detection, locating traces of intrusions, and real-time packet analysis. In this paper, we present a patent provisioned storage and search system that can be used for efficient and flexible insertion, search, and management of network security events in memory. It was motivated by the ternary tree data structure and has been adapted to meet the needs of security-related applications. We have performed simulations to show that it outperforms traditional hash methods in terms of memory storage and search efficiency.

Keywords

Internet; security of data; storage management; tree data structures; tree searching; correlation analysis; event management; hash methods; in-memory search system; in-memory storage system; intrusion detection; network security applications; patent provisioned search system; patent provisioned storage system; ternary tree data structure; Application software; Computer network management; Computer security; Data security; Databases; Electronic mail; Intelligent networks; Intrusion detection; Memory management; Secure storage;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on

Print_ISBN

0-7695-2315-3

Type

conf

DOI

10.1109/ITCC.2005.174

Filename

1425232