Conference papers

Efficient Distributed Signature Analysis

Abstract : Intrusion Detection Systems (IDS) have proven to be a valuable measure for coping reactively with attacks on the Internet. The growing complexity of IT systems, however, rapidly increases the audit data volumes and the size of the signature bases. This forces IDS to drop audit data in high-load situations, thus offering attackers chances to act undetected. To tackle this issue, we propose an efficient and adaptive analysis approach for multi-step signatures that is based on a dynamic distribution of analyses. We propose different optimization strategies for an efficient analysis distribution. The strengths and weaknesses of each strategy are evaluated based on a prototype implementation.

Cited literature [9 references]

https://hal.inria.fr/hal-01585852
Contributor : Hal Ifip
Submitted on : Tuesday, September 12, 2017 - 10:19:17 AM
Last modification on : Tuesday, September 12, 2017 - 10:22:14 AM
Long-term archiving on : Wednesday, December 13, 2017 - 3:02:43 PM

File

978-3-642-21484-4_2_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Michael Vogel, Sebastian Schmerl, Hartmut König. Efficient Distributed Signature Analysis. 5th Autonomous Infrastructure, Management and Security (AIMS), Jun 2011, Nancy, France. pp.13-25, ⟨10.1007/978-3-642-21484-4_2⟩. ⟨hal-01585852⟩
