%0 Conference Proceedings
%T Efficient Distributed Signature Analysis
%+ Brandenburg University of Technology [Cottbus – Senftenberg] (BTU)
%A Vogel, Michael
%A Schmerl, Sebastian
%A König, Hartmut
%Z Part 1: Security Management
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 5th Autonomous Infrastructure, Management and Security (AIMS)
%C Nancy, France
%Y Isabelle Chrisment
%Y Alva Couch
%Y Rémi Badonnel
%Y Martin Waldburger
%I Springer
%3 Managing the Dynamics of Networks and Services
%V LNCS-6734
%P 13-25
%8 2011-06-13
%D 2011
%R 10.1007/978-3-642-21484-4_2
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X Intrusion Detection Systems (IDS) have proven as valuable measure to cope reactively with attacks in the Internet. The growing complexity of IT-systems, however, increases rapidly the audit data volumes and the size of the signature bases. This forces IDS to drop audit data in high load situations thus offering attackers chances to act undetected. To tackle this issue we propose an efficient and adaptive analysis approach for multi-step signatures that is based on a dynamic distribution of analyses. We propose different optimization strategies for an efficient analysis distribution. The strengths and weaknesses of each strategy are evaluated based on a prototype implementation.
%G English
%Z TC 6
%2 https://inria.hal.science/hal-01585852/document
%2 https://inria.hal.science/hal-01585852/file/978-3-642-21484-4_2_Chapter.pdf
%L hal-01585852
%U https://inria.hal.science/hal-01585852
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC6
%~ IFIP-AIMS
%~ IFIP-LNCS-6734