Exploration server for computer science research in Lorraine

Warning: this site is under development!
Warning: this site was generated by automated means from raw corpora.
The information has therefore not been validated.

Fast Multipattern Matching for Intrusion Detection

Internal identifier: 003F11 (Crin/Curation); previous: 003F10; next: 003F12

Authors: Tarek Abbes; Michael Rusinowitch

Source :

RBID : CRIN:abbes04c

English descriptors

Abstract

Misuse intrusion detection (IDS) detects signatures of attack scenarios. Hackers try to avoid detection by permuting actions, and inserting, hiding or overlapping packets. Stateful detection thus becomes essential to suitably supervise network traffic. We propose in this paper a new approach for analysing the network traffic. The inspection, while being stateful, processes each packet as soon as it is received. We have used this strategy with appropriate multi-search methods and adequate data structures for signatures.


The document in XML format

<record>
<TEI>
<teiHeader>
<fileDesc>
<titleStmt>
<title xml:lang="en" wicri:score="338">Fast Multipattern Matching for Intrusion Detection</title>
</titleStmt>
<publicationStmt>
<idno type="RBID">CRIN:abbes04c</idno>
<date when="2004" year="2004">2004</date>
<idno type="wicri:Area/Crin/Corpus">003F11</idno>
<idno type="wicri:Area/Crin/Curation">003F11</idno>
<idno type="wicri:explorRef" wicri:stream="Crin" wicri:step="Curation">003F11</idno>
</publicationStmt>
<sourceDesc>
<biblStruct>
<analytic>
<title xml:lang="en">Fast Multipattern Matching for Intrusion Detection</title>
<author>
<name sortKey="Abbes, Tarek" sort="Abbes, Tarek" uniqKey="Abbes T" first="Tarek" last="Abbes">Tarek Abbes</name>
</author>
<author>
<name sortKey="Rusinowitch, Michael" sort="Rusinowitch, Michael" uniqKey="Rusinowitch M" first="Michael" last="Rusinowitch">Michael Rusinowitch</name>
</author>
</analytic>
</biblStruct>
</sourceDesc>
</fileDesc>
<profileDesc>
<textClass>
<keywords scheme="KwdEn" xml:lang="en">
<term>intrusion detection</term>
<term>pattern matchin</term>
</keywords>
</textClass>
</profileDesc>
</teiHeader>
<front>
<div type="abstract" xml:lang="en" wicri:score="674">Misuse intrusion detection (IDS) detects signatures of attack scenarios. Hackers try to avoid detection by permuting actions, and inserting, hiding or overlapping packets. Stateful detection becomes thus essential to suitably supervise network traffic. We propose in this paper a new approach for analysing the network traffic. The inspection, while being stateful, processes each packet as soon as it is received. We have used this strategy with appropriate multi-search methods and adequate datastructures for signatures.</div>
</front>
</TEI>
<BibTex type="inproceedings">
<ref>abbes04c</ref>
<crinnumber>A04-R-224</crinnumber>
<category>3</category>
<equipe>CASSIS</equipe>
<author>
<e>Abbes, Tarek</e>
<e>Rusinowitch, Michael</e>
</author>
<title>Fast Multipattern Matching for Intrusion Detection</title>
<booktitle>{13th Annual Conference on European Institute for Computer Anti-virus Research - EICAR'2004, Luxemburg, Luxembourg}</booktitle>
<year>2004</year>
<editor>Urs E. Gattiker</editor>
<month>May</month>
<note>EICAR 2004 Conference CD-rom : Best Paper Proceedings (ISBN 87-987271-6-8)</note>
<keywords>
<e>pattern matchin</e>
<e>intrusion detection</e>
</keywords>
<abstract>Misuse intrusion detection (IDS) detects signatures of attack scenarios. Hackers try to avoid detection by permuting actions, and inserting, hiding or overlapping packets. Stateful detection becomes thus essential to suitably supervise network traffic. We propose in this paper a new approach for analysing the network traffic. The inspection, while being stateful, processes each packet as soon as it is received. We have used this strategy with appropriate multi-search methods and adequate datastructures for signatures.</abstract>
</BibTex>
</record>

To manipulate this document under Unix (Dilib)

EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Crin/Curation
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 003F11 | SxmlIndent | more

Or

HfdSelect -h $EXPLOR_AREA/Data/Crin/Curation/biblio.hfd -nk 003F11 | SxmlIndent | more

To link to this page within the Wicri network

{{Explor lien
   |wiki=    Wicri/Lorraine
   |area=    InforLorV4
   |flux=    Crin
   |étape=   Curation
   |type=    RBID
   |clé=     CRIN:abbes04c
   |texte=   Fast Multipattern Matching for Intrusion Detection
}}


This area was generated with Dilib version V0.6.33.
Data generation: Mon Jun 10 21:56:28 2019. Site generation: Fri Feb 25 15:29:27 2022