Accuracy and speed are the two most important metrics for Network Intrusion Detection/Prevention Systems (NIDS/NIPSes). Due to emerging polymorphic attacks and the fact that in ma...
Zhichun Li, Gao Xia, Hongyu Gao, Yi Tang, Yan Chen...
Ptacek and Newsham [14] showed how to evade signature detection at Intrusion Prevention Systems (IPS) using TCP and IP Fragmentation. These attacks are implemented in tools like F...
George Varghese, J. Andrew Fingerhut, Flavio Bonom...
Intrusion detection systems are fundamentally passive and fail–open. Because their primary task is classification, they do nothing to prevent an attack from succeeding. An intru...
Michael E. Locasto, Ke Wang, Angelos D. Keromytis,...
The security of your data and of your network is in the hands of intrusion detection systems, virus scanners and spam filters, which are all critically based on string matching. ...
Daniele Paolo Scarpazza, Oreste Villa, Fabrizio Pe...
In this paper we describe a regular expression pattern matching approach for reconfigurable hardware. Following a Non-deterministic Finite Automata direction, we introduce three ne...