Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2006-07-10
2010-06-08
Moise, Emmanuel L (Department: 2437)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S022000, C726S024000, C726S025000, C713S187000, C713S188000, C713S193000, C713S194000
Reexamination Certificate
active
07735137
ABSTRACT:
A method and apparatus for storing an intrusion rule are provided. The method stores a new intrusion rule in an intrusion detection system having already stored intrusion rules, and includes: generating combinations of divisions capable of dividing the new intrusion rule into a plurality of partial intrusion rules; calculating the frequency of hash value collisions between each of the generated division combinations and the already stored intrusion rules; dividing the new intrusion rule according to the division combination which has the lowest calculated frequency of hash value collisions; and storing the divided new intrusion rule in a corresponding position of the intrusion detection system. According to the method and apparatus, the size of the storage unit occupied by the intrusion rule can be reduced, and by performing pattern matching, the performance of the intrusion detection system can be enhanced.
REFERENCES:
patent: 7487542 (2009-02-01), Boulanger et al.
patent: 2003/0115486 (2003-06-01), Choi et al.
patent: 2005/0125551 (2005-06-01), Oh et al.
patent: 2007/0124815 (2007-05-01), Baik et al.
patent: 10-2004-0046465 (2004-06-01), None
patent: 1020050054538 (2005-06-01), None
patent: 10-2006-0013815 (2006-02-01), None
Rong-Tai Liu, et al., “A Fast Pattern-Match Engine for Network Processor-based Network Intrusion Detection System”, IEEE Computer Society, Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) 0-7695-2108-8/04; 2004 IEEE (5 pages).
C. Jason Coit, et al., “Towards Faster String Matching for Intrusion Detection or Exceeding the Speed of Snort”, 0-7695-1212-7/01—2001 IEEE (pp. 367-373).
Baik Kwang Ho
Jang Jong Soo
Kim Byoung Koo
Oh Jin Tae
Sohn Sung Won
Blakely , Sokoloff, Taylor & Zafman LLP
Electronics and Telecommunications Research Institute
Moise Emmanuel L
Sims Jing
LandOfFree
Method and apparatus for storing intrusion rule does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for storing intrusion rule, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for storing intrusion rule will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4208470