Download now Free registration required
To protect SIP communication networks from attacks, especially flooding attacks like Denial-of-Service or message spam, Intrusion Detection Systems (IDS) are deployed at the ingress point of the network to filter potential malicious traffic. A key issue of IDS performance is the operation of its firewall to block malicious user requests. Depending on the complexity of the firewall ruleset, filtering performance of the IDS can decrease considerably during high-load flooding situations. This paper proposes a scheme to increase IDS firewall performance by merging several similar rules into more general ones and ignoring lesser relevant rules to limit the number of firewall rules.
- Format: PDF
- Size: 343.2 KB