Fast Content-Based Packet Handling for Intrusion Detection (2001)  (6 citations)
Mike Fisk, George Varghese



View or download:
lanl.gov/mfisk/pap...trcs20010670.pdf

From:  ucsd.edu/users/varghes...newstuff

Abstract: It is becoming increasingly common for network devices to handle packets based on the contents of packet payloads. Example applications include intrusion detection, firewalls, web proxies, and layer seven switches. This paper analyzes the problem of intrusion detection and its reliance on fast string matching in packets. We show that the problem can be restructured to allow the use of more efficient string matching algorithms that operate on sets of patterns in parallel. We then introduce and...

Cited by:
Design and Implementation of a String Matching System .. - Dharmapurikar.. (2004)
Enhancing Byte-Level Network Intrusion Detection Signatures.. - Sommer, Paxson (2003)
Deep Packet Inspection Using Parallel Bloom Filters - Dharmapurikar.. (2003)

Active bibliography (related documents):
0.5:   Intrusion Detection: A Bibliography - Mé, Michel (2001)
0.4:   Deterministic Memory-Efficient String Matching.. - Tuck, Sherwood.. (2004)
0.4:   Exclusion-based Signature Matching for Intrusion.. - Markatos, Antonatos.. (2002)

Similar documents based on text:
0.3:   Agile and Scalable Analysis of Network Events - Fisk, Varghese (2002)
0.2:   Fast String Searching - Hume, Sunday (1991)
0.2:   Dynamic Adjustment of TCP Window Sizes - Fisk, Feng (2000)

Related documents from co-citation:
6:   Snort - Lightweight Intrusion Detection for Networks - Roesch - 1999
4:   Implementation of a content-scanning module for an Internet firewall - Moscola, Lockwood et al. - 2003
4:   A Performance Study of Hashing Functions for Hardware Applications - Ramakrishna, Fu et al. - 1994

BibTeX entry:

M. Fisk and G. Varghese, Fast Content-Based Packet Handling for Intrusion Detection, tech. report CS2001-0670, Univ. of California, San Diego, 2001. http://citeseer.ist.psu.edu/fisk01fast.html

@misc{ fisk01fast,
  author = "M. Fisk and G. Varghese",
  title = "Fast Content-Based Packet Handling for Intrusion Detection",
  text = "M. Fisk and G. Varghese, Fast Content-Based Packet Handling for Intrusion
    Detection, tech. report CS2001-0670, Univ. of California, San Diego, 2001.",
  year = "2001",
  url = "citeseer.ist.psu.edu/fisk01fast.html" }

Citations (may not include all citations):
347   Fast pattern matching in strings - Knuth, Morris et al. - 1977
214   A fast string searching algorithm - Boyer, Moore - 1977
150   gprof: a call graph execution profiler - Graham, Kessler et al. - 1982
140   Snort - lightweight intrusion detection for networks - Roesch - 1999
121   An intrusion-detection model - Denning - 1987
121   Network intrusion detection - Mukherjee, Heberlein et al. - 1994
107   High speed policy-based packet forwarding using efficient mu.. - Lakshman, Stiliadis - 1998
99   Cambridge University Press - Gusfield, Strings et al. - 1997
66   Packet classification on multiple fields - Gupta, McKeown - 1999
65   Bro: A system for detecting network intruders in real-time - Paxson - 1999
63   An architecture for intrusion detection using autonomous age.. - Balasubramaniyan, Garcia-Fernandez et al. - 1998
44   String Searching Algorithms - Stephen - 1994
41   Experience with Emerald to date - Neumann, Porras - 1999
38   An introduction to multisensor data fusion - Hall, Llinas - 1997
38   Cooperating security managers: a peer-based intrusion detect.. - White, Fisch et al. - 1996
32   Towards a taxonomy of intrusion-detection systems - Debar, Dacier et al. - 1999
30   The Boyer-Moore-Galil string searching strategies revisited - Apostolico, Giancarlo - 1986
29   Efficient string matching: An aid to bibliographic search - Aho, Corasick - 1975
19   On improving the worst case running time of the Boyer-Moore .. - Galil - 1979
18   Practical fast searching in strings - Horspool - 1980
14   A string matching algorithm fast on the average - Commentz-Walter - 1979
13   A fast algorithm for multi-pattern searching - Wu, Manber - 1994
13   the worst-case behavior of string-searching algorithms - Rivest - 1977
6   and Steven McCanne - Craig - 1994
4   A fast multiple string-pattern matching algorithm - Kim, Kim - 1999
3   The performance of single-keyword and multiple-keyword patter.. - Watson - 1994
3   DIDS -- motivation, architecture, and an early prototype - Snapp, Brentano et al. - 1991
2   Towards faster pattern matching for intrusion detection or ex.. - Coit, Staniford et al. - 2001
1   Distributed intrusion detection for computer systems using c.. - Ingram, Kremer et al. - 2000
1   A unifying look at the Apostolico-Giancarlo string matching .. - Crochemore, Hancart et al. - 2000
http://www.cve.mitre.org/
http://www.nfr.com/
http://www.whitehats.com/ids/
http://www.arrowpoint.com/
http://www.snort.org/





Documents on the same site (http://www-cse.ucsd.edu/users/varghese/newstuff.html):
Scalable Packet Classification - Baboescu, Varghese (2001)
Tree Bitmap : Hardware/Software IP Lookups with.. - Eatherton, Dittia.. (2002)
