Chapter 4 – Network Security Algorithms

Publisher Summary

This chapter briefly discusses network security algorithms. Real-time intrusion detection is growing in importance, and it furnishes a rich source of packet patterns that can benefit from network algorithmics. The chapter samples three important subtasks that arise in the context of intrusion detection. The first is an analysis subtask, string matching, which is a key bottleneck in popular signature-based systems such as Snort. The second is a response subtask, traceback, which is of growing importance given the ability of intruders to use forged source addresses. The third is an analysis subtask: detecting the onset of a new worm (e.g., Code Red) without prior knowledge. These three subtasks only scratch the surface of a vast area that needs to be explored.