Место издания:Institute for System Programming of the Russian Academy of Sciences (ISPRAS) Moscow, Russia
Первая страница:27
Последняя страница:31
Аннотация:In this paper we propose a method for signature matching optimization in the field of intrusion detection and prevention. Signature matching algorithm performance is one of the key factors in the overall quality of the IDS/IPS, especially in high-speed networks. Optimization method proposed in this paper relies on semantics of the signature matching task, typical for such systems as Snort. The method minimizes the number of patterns called by the detection system for each network packet, reducing the time of its processing.