Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Digital Communications and Networking

Theses

Data Mining

Articles 1 - 1 of 1

Full-Text Articles in Computer Engineering

Enhancing Snort Ids Performance Using Data Mining, Mohammed Ali Almaleki May 2016

Enhancing Snort Ids Performance Using Data Mining, Mohammed Ali Almaleki

Theses

Intrusion detection systems (IDSs) such as Snort apply deep packet inspection to detect intrusions. Usually, these are rule-based systems, where each incoming packet is matched with a set of rules. Each rule consists of two parts: the rule header and the rule options. The rule header is compared with the packet header. The rule options usually contain a signature string that is matched with packet content using an efficient string matching algorithm. The traditional approach to IDS packet inspection checks a packet against the detection rules by scanning from the first rule in the set and continuing to scan all ...