Abstract
Adjustment of Array sequence of matching rules can improve performance of network intrusion detection system. Firstly, This paper introduces static adjustment algorithm, which makes the most frequently used rules in the top of the list of rules, and reduces the frequency and time of following data packets; Secondly, two dynamic adjustment algorithms are designed and accomplished, which are algorithm of dynamic adjustment of matching rules based on variable sampling time T and algorithm of real-time adjustment based on matching trigger of feature event, the Former keeps the matching rule order consistent with the current network flow and adjust the sampling time T according to the number of network flow, the latter adopts three-step dynamical adjustment method to adjust rules sequence when intrusion happens. The experiment shows that the match performance of three-step dynamical adjustment algorithm has been significantly improved than other two adjust algorithms.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
