High-Speed Signature Matching in Network Interface Device Using Bloom Filters
Source: Academy Publisher
Network intrusion detection systems play a critical role in protecting the information infrastructure of an organization. Due to the sophistication and complexity of techniques used for the analysis they are commonly based on general-purpose workstations. Although cost-efficient, these general-purpose systems are found to be inadequate as they fail to perform efficiently at high packet rates. The resulting packet loss degrades the system's overall effectiveness, as the analyzing capability of the system is reduced. It has been found that the performance of these systems can be improved significantly by filtering out unwanted packets.