| 基于Snort的入侵检测系统性能优化 |
| |
| 引用本文: | 韩忠秋.基于Snort的入侵检测系统性能优化[J].计算机安全,2009(6):41-43. |
| |
| 作者姓名: | 韩忠秋 |
| |
| 作者单位: | 四川大学,计算机学院,四川,成都,610065 |
| |
| 摘 要: | 通过对Snort的规则匹配方式和模式匹配算法进行分析,为了提高基于Snort的入侵检测系统检测效率,提出了在规则匹配过程中充分利用处理函数的参数之间的关系,从而动态减少无效匹配次数,在模式匹配阶段采用改进的模式匹配算法提高匹配速度,从根本上优化了入侵检测系统的检测性能。
|
| 关 键 词: | 入侵检测系统 规则匹配 模式匹配 性能优化 |
The Performance Optimization of Snort-based Intrusion Detection System |
| |
| HAN Zhong-qiu.The Performance Optimization of Snort-based Intrusion Detection System[J].Network & Computer Security,2009(6):41-43. |
| |
| Authors: | HAN Zhong-qiu |
| |
| Affiliation: | Computer Department;Sichuan University;Chengdu;Sichuan 610065;China |
| |
| Abstract: | Snort is a mature open source code network invasion detection system. The rule matching mode and pattern matching arithmetic have been analyzed in this paper. For improve the speed of the snort-based intrusion detection, we utilized relationship between parameters, significantly reduced invalid rules in the running time. By using the improved pattern matching arithmetic to increase the matching speed in the pattern matching phase, the detection performance was optimized ultimately. |
| |
| Keywords: | intrusion detection system rule matching pattern matching performance optimization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
