Deep Packet Pre-Filtering and Finite State Encoding for Adaptive Intrusion Detection System
An Intrusion Detection System (IDS) is a promising technique for detecting and thwarting attacks on computer systems and networks. In the context of ever-changing threats, new attacks are constantly created, and the number of new rules for identifying them is increasing dramatically. To adapt to these new rules, IDSs must be easily reconfigurable, must keep up with line rates of network traffic, and must have high detection accuracy. In this paper, the authors propose a high-performance memory-based IDS that can be easily reconfigured for new rules. Their IDS achieves high performance and memory efficiency by utilizing deep packet pre-filtering and a novel finite state encoding. They present simulation and experimental results that show the novelty and feasibility of their system.