4[2]Laing B. How To Guide-Implementing a Network Based Intrusion Detection System[A]. Sovereign House 57/59 Vaster Road Reading RG1 8BT[C], UK, 2000.
5[3]Roesch M. Snort-Lightweight Intrusion Detection for Networks[A]. Proceedings of the 13th Systems Administration Conference[C]. USENIX,1999.
6[4]Roesch M,Green C. Snort Users Manual,Snort Release:1.9.0[EB/OL]. http://www.snort.org/docs/writing_rules-1.9.0/,2001.
7[5]Roesch M,Yarochkin F,Ruiu D, et al. SNORT FAQ Version 1.8[S], 2002-03-25.
8[6]Northcutt S,Novak J,McLanchlan D. Network Intrusion Detection An Analysts Handbook[M]. Indianapolis,Indiana:New Riders publishing,2000.
9[1]Mogul C J, Ramakrishnan K K. Eliminating receive livelock in an interrupt-driven kernel [J]. ACM Transactions on Computer Systems, 1997, 15(3): 217~252.
10[2]Salim J H. Beyond softnet [A]. 5th Annual Linux Showcase & Conference, Oakland, California, 1999.