| 一种Snort规则的优化方法 |
| |
| 引用本文: | 陈军卫,梅进杰.一种Snort规则的优化方法[J].计算机安全,2010(11):55-57. |
| |
| 作者姓名: | 陈军卫 梅进杰 |
| |
| 作者单位: | 空军雷达学院,湖北武汉430019 |
| |
| 摘 要: | Snort是一款基于规则发现入侵行为的网络入侵检测系统,为了提高入侵检测系统中检测引擎的速度和效益,在分析Snort的规则组织结构和规则匹配过程的基础上,提出了一种规则优化的方法。该方法充分利用了协议特征和规则内容,能有效地加快检测引擎的速度,提高入侵检测的效率。
|
| 关 键 词: | 入侵检测 Snort 规则 优化 |
A Method of Optimizing the Rules in Snort |
| |
| CHEN Jun-wei,MEI Jin-jie.A Method of Optimizing the Rules in Snort[J].Network & Computer Security,2010(11):55-57. |
| |
| Authors: | CHEN Jun-wei MEI Jin-jie |
| |
| Affiliation: | (AFRA, Wuhan,Hubei 430019, China) |
| |
| Abstract: | Snort is a network intrusion detection system which detects intrusion behavior on the basis of rules. To improve the speed and benefit of intrusion detection engine in intrusion detection system, on the base of analyzing the organizational structure and rules matching process of snort, a new method of the optimization of rules is introduced. The new method makes full use of the characters of the protocols and the content of the rules. It can effectively expedite the speed of intrusion detection engine and improve the efficiency of the intrusion detection. |
| |
| Keywords: | intrusion detection snort rules optimization |
| 本文献已被 维普 万方数据 等数据库收录! |
|
