Re: Head Body String Matching into Snort

[Russ <rucombs () cisco com>]

Sounds like a fun project.  Have you considered using Snort++?  The 
multi-pattern search engines are a plugin type that would allow you to 
focus more on the algorithm(s) and less on infrastructure.

Russ

On 7/23/15 4:51 AM, joscabmar3 () alum us es wrote:
> Hello,
>
> I am José Antonio. I am finishing my Bachelor's degree in 
> Telecommunications Technologies Engineering in Universidad de Sevilla 
> (Spain).
>
> For my undergraduate thesis project I want to carry out an integration 
> of the Head-Body string matching engine that I found in this paper 
> (http://halcyon.usc.edu/~pk/prasannawebsite/papers/HeadBody_camera.pdf) into 
> Snort.
>
> I have already created a Git repository in Github 
> (https://github.com/joscabmar/Snort-HBSM) in order to develop it. What 
> I have done until now it is to set up the "main" function in acsmx2.c 
> in order to have an environment to test all the string matching 
> engines (it is not yet uploaded to the repository).
>
> I want to thank you for sharing that work with everyone and I will 
> really appreciate any help you can give to me.
>
> Yours sincerely,
>
> José Antonio Caballero Martos
>
>
>
> ------------------------------------------------------------------------------
>
>
> _______________________________________________
> Snort-devel mailing list
> Snort-devel () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> Archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!

------------------------------------------------------------------------------

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!