Invention Grant
- Patent Title: Reduction of false positive detection of signature matches in intrusion detection systems
- Patent Title (中): 减少入侵检测系统中签名匹配的假阳性检测
-
Application No.: US11064225Application Date: 2005-02-22
-
Publication No.: US07802094B2Publication Date: 2010-09-21
- Inventor: Peter Furlong , Andrew Davy , Gareth Edward Allwright , Jerome Nolan
- Applicant: Peter Furlong , Andrew Davy , Gareth Edward Allwright , Jerome Nolan
- Applicant Address: US CO Ft. Collins
- Assignee: Hewlett-Packard Company
- Current Assignee: Hewlett-Packard Company
- Current Assignee Address: US CO Ft. Collins
- Priority: GB0501285.1 20050121
- Main IPC: H04L9/00
- IPC: H04L9/00
Abstract:
Detection of a signature in a data packet comprises performing a pre-classification of the packet, using header information and particularly a 5-tuple access control list, into one of a multiplicity of flows and directing the payload of the packet to a respective one of a multiplicity of deterministic finite state machines each of which stores a plurality of signatures as a sequence of states and acts only on the respective flow.
Public/Granted literature
- US20060174107A1 Reduction of false positive detection of signature matches in intrusion detection systems Public/Granted day:2006-08-03
Information query
