Abstract
The traditional firewall provides the first level of defense for computer networks and prevents unauthorized people to access the internal networks from the external attacks. Thus, the Network Intrusion detection System (NIDS) is complementary to the firewall. One of the major functions of NIDS is to act as misuse detection. In This paper we used A Neural network with multi-connect architecture and Weighted Exact Matching Algorithm (WEMA) to enhance the speed of matching process between the incoming packets header and SNORT-NIDS rule sets.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Abedin, M., Nessa, S., Khan, L., Thuraisingham, B.: Detection and resolution of anomalies in firewall policy rules. In: Damiani, E., Liu, P. (eds.) Data and Applications Security 2006. LNCS, vol. 4127, pp. 15–29. Springer, Heidelberg (2006)
Snort – The open source network intrusion. Detection system. http://www.snort.org
Coit, C.J., Staniford, S., Mchlerney, J.: Towards faster string matching for intrusion detection or exceeding the speed of snort, pp. 367–373. IEEE (2001)
Xiang, Y.: Protecting information infrastructure from DDoS attacks by MADF. Int. J. High Perform. Comput. Netw. 4(5/6), 357–367 (2006)
Deri, L.: High-speed dynamic packet filtering. J. Netw. Syst. Manag. (ACM) 15, 401–415 (2007)
Lecroq, C.C.: Handbook of Exact String matching Algorithm. King’s College Publications, London (2004). ISBN 0954300645
Kaream, E.: Alternative hopfield neural network with multi-connect architecture. Journal of College of Education, Computer Department, Al-mustansiryah university, Baghdad, Iraq (2004)
Hlayel, A.A., Hnaif, A.A.: An algorithm to improve the performance of string matching. J. Inf. Sci. (2014). doi:10.1177/0165551513519039. Accessed 14 Jan 2014
Acknowledgment
I would like to thank Al-zaytoonah University of Jordan for supporting this research paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Hnaif, A.A. (2017). WEMA to Speed up NIDS Packet Header Detection Engine. In: Hassanien, A., Shaalan, K., Gaber, T., Azar, A., Tolba, M. (eds) Proceedings of the International Conference on Advanced Intelligent Systems and Informatics 2016. AISI 2016. Advances in Intelligent Systems and Computing, vol 533. Springer, Cham. https://doi.org/10.1007/978-3-319-48308-5_50
Download citation
DOI: https://doi.org/10.1007/978-3-319-48308-5_50
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48307-8
Online ISBN: 978-3-319-48308-5
eBook Packages: EngineeringEngineering (R0)