Dynamic IdP Signature Processing by Fast Elimination Using DFA
Intrusion Detection & Prevention Systems (IDPS) generally aim to detect and prevent attacks against information systems and networks. The basic task of an IDPS is to monitor network and system traffic for malicious packets or patterns, and so to prevent unwarranted incidents that lead systems into an insecure state. The monitoring is done by checking each packet for validity against the signatures formulated for identified vulnerabilities. Since signatures are the heart and soul of an IDPS, the authors discuss two methodologies they adapted in the research effort to improve the current IDPS. The first methodology, RUDRAA, is for formulating, verifying and validating the potential signatures to be used with an IDPS. The second methodology, DSP-FED, aims to process the signatures in less time with the proposed fast elimination method using DFA.