IDS mailing list archives
Re: use of bloom filters in commercial iDS/IPS architectures
From: Martin Roesch <roesch () sourcefire com>
Date: Thu, 13 Apr 2006 22:14:23 -0400
I met a group from Washington University that was doing this exact thing last year. Check their paper out:
http://www.arl.wustl.edu/~todd/hoti.pdfI liked their approach, seemed pretty cool (and they used Snort as their test bed).
-Marty On Apr 12, 2006, at 12:02 AM, Raj Malhotra wrote:
Hi, I would like to know if any of the commercial IDS/IPS vendors are using hash based techniques such as bloom filters/rabin finger prints for fast path filtering. If so, i would appreciate if links to white papers or any other online information can be shared with me. thanks -Ral---------------------------------------------------------------------- --Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus- ids_040708to learn more.---------------------------------------------------------------------- --
-- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Security for the Real World - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- use of bloom filters in commercial iDS/IPS architectures Raj Malhotra (Apr 13)
- Re: use of bloom filters in commercial iDS/IPS architectures Martin Roesch (Apr 15)