| Snort规则链表结构的分析与改进 |
| |
| 引用本文: | 严书亭,刘佳新,王新生. Snort规则链表结构的分析与改进[J]. 燕山大学学报, 2006, 30(3): 272-275 |
| |
| 作者姓名: | 严书亭 刘佳新 王新生 |
| |
| 作者单位: | 1. 燕山大学,信息科学与工程学院,河北,秦皇岛,066004
2. 燕山大学,现代教育技术中心,河北,秦皇岛,066004 |
| |
| 摘 要: | Snort主要是根据规则树对数据进行递归匹配。因此规则树的结构是否合理,在很大程度上影响着Snort规则匹配的速度。本文对Snort规则链表结构进行了分析,并针对Snort规则树过于简单这一不足之处,对其进行改进,在保持原有规则匹配方法的基础上,增加宽度优先搜索算法,从而减少规则匹配所需时间。
|
| 关 键 词: | 基于网络的入侵检测系统 规则树 宽度优先 规则匹配 |
| 文章编号: | 1007-791X(2006)03-0272-04 |
| 修稿时间: | 2005-12-20 |
Analysis and improvement of structure of snort rule chain |
| |
| YAN Shu-ting,LIU Jia-xin,WANG Xin-sheng. Analysis and improvement of structure of snort rule chain[J]. Journal of Yanshan University, 2006, 30(3): 272-275 |
| |
| Authors: | YAN Shu-ting LIU Jia-xin WANG Xin-sheng |
| |
| Abstract: | Snort analyses data according to regular tree mainly and adopts recursive method to match to it. So if the structure ofthe regular tree is rational, that influences the speed of snort rule matching. The structure of rule chain is analysed in this paper.Aimed at the deficiency of original rule tree, the improved rule tree is proposed. In order to reduce the time that rule matchingneeds, some work is done to add width-first searching algorithm based on original rule matching method. |
| |
| Keywords: | network-based intrusion detection system rule tree width-first rule matching |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
