Anti-evasion Technique for Packet Based Pre-filtering for Network Intrusion Detection Systems (Poster)
This work proposes a method to extend packet pre-filtering for Network Intrusion Detection Systems (NIDS). The aim of the method is to avoid the false negatives that occur when malicious content is sent split across several packets. In this paper we propose a method that can identify even fragmented malicious content, avoiding false negatives while limiting the false positive rate.