函数分析优化Snort数据包过滤

Using Function Analyzing for Optimizing Data Package Filtration in Snort

文章分析了数据包调用检测函数匹配规则结点的平均次数计算函数,并利用该函数对Snort系统规则树进行了优化,减少了数据包过滤匹配次数,极大地提高了入侵检测的效率。

The paper analyzed the function which calculates the average invoked times of the inspecting function by data package, and then optimized the rule tree of Snort system by using this function with the result of the reduced matching times and improved efficiency in Intrusion Detection.