| Snort规则集的优化方法 |
| |
| 引用本文: | 董明明,巩青歌.Snort规则集的优化方法[J].计算机安全,2009(8):35-37. |
| |
| 作者姓名: | 董明明 巩青歌 |
| |
| 作者单位: | 武警工程学院,陕西,西安,710086 |
| |
| 摘 要: | 高速网络的发展使得提高检测速度成为入侵检测系统面,临的关键问题。通过对Snort规则集优化方法的分析与比较,提出将活跃规则集划分与多子集划分相结合的方法,先从整体上优先选择要匹配的规则集,然后进行并行匹配,以提升入侵检测中规则匹配的效率。
|
| 关 键 词: | Snort 入侵检测 规则匹配 |
Research and Improvement on Optimizing Snort Rule Sets |
| |
| DONG Ming-ming,GONG Qing-ge.Research and Improvement on Optimizing Snort Rule Sets[J].Network & Computer Security,2009(8):35-37. |
| |
| Authors: | DONG Ming-ming GONG Qing-ge |
| |
| Affiliation: | (Engineering College of China Armed Police Force, Xi' an, Shanxi 710086, China) |
| |
| Abstract: | The development of high speed network makes that how to improve the detection rate a key problem for the intrusion detection system. This paper proposed combining dividing active rule sets and dividing multi-subsets by analyzing and comparing several methods of optimizing the Snort rule sets, first choosing the rule sets for matching, and then parallel matching them to improve the matching rate effectively. |
| |
| Keywords: | Snort IDS Rule matching |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
