| 提高Snort规则匹配速度方法的研究与实现 |
| |
| 引用本文: | 王志强,王猛.提高Snort规则匹配速度方法的研究与实现[J].计算机安全,2008(8). |
| |
| 作者姓名: | 王志强 王猛 |
| |
| 作者单位: | 太原科技大学,计算机科学与技术学院,山西,太原,030024 |
| |
| 摘 要: | 当今的网络环境变得越来越复杂,网络安全管理员的工作不断加重,不经意的疏忽便有可能遗留下安全的重大隐患,同时,网上黑客教程和千余种入侵工具随手可得,使网络安全问题防不胜防。该文对开放源代码入侵检测系统Snort的规则匹配算法进行分析,重新构造了Snort搜索引擎,从而提高了规则匹配速度。
|
| 关 键 词: | 入侵检测系统(IDS) 规则匹配 检测引擎 |
Research and Implementation on Increasing speed of Rule-matching in Snort |
| |
| WANG Zhi-qiang,WANG Meng.Research and Implementation on Increasing speed of Rule-matching in Snort[J].Network & Computer Security,2008(8). |
| |
| Authors: | WANG Zhi-qiang WANG Meng |
| |
| Abstract: | While the present network environment becomes more and more complex,the network security manager's work changes to be more serious accordingly. The nonchalant negligence then has the possibility to leave behind the significant hidden danger of safety. Moreover,it is convenient to obtain the on - line course and a thousand kinds of invasion tools,which poses great challenges to the network security. This article analyzes the rules matching algorithm of Snort ,an open source-code NIDS.In order to increase effectively the rule matching speed,some tentative work is done to rebuild the examination Engineer of Snort. |
| |
| Keywords: | intrusion detection system rule matching examination Engineer |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
