东南大学学报(英文版)2016,Vol.32Issue(1):21-28,8.DOI:10.3969/j.issn.1003-7985.2016.01.005
一种 Snort规则间拓扑关系的分析方法
An analysis method of topological relations between Snort rules
摘要
Abstract
It is difficult to know all the relations between Snort rules.To deal with this problem the topological relations between Snort rules are classified based on the set theory and a method for calculating the topological relations between Snort rules is proposed.In the existing methods for analyzing the relations of Snort rules the relations are usually determined only according to the header information of the Snort rules.Without considering the actions of Snort rules the proposed method improves upon the existing methods and it can classify and calculate the topological relations between Snort rules according to both headers and options information of Snort rules. In addition the proposed method is implemented by the functional language Haskell. The experimental results show that the topological relations between Snort rules can be calculated rapidly and effectively. The proposed method also provides an important basis for conflict detection in the succeeding Snort rules.关键词
入侵检测系统/Snort规则/函数式编程语言Key words
intrusion detection system/IDS/Snort rule functional programming language分类
信息技术与安全科学引用本文复制引用
殷奕,汪芸,Takahashi Naohisa..一种 Snort规则间拓扑关系的分析方法[J].东南大学学报(英文版),2016,32(1):21-28,8.基金项目
The National Natural Science Foundation of China No.6097312261572256. ()
