Efficient signature packing for an intrusion detection system
US7624446B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jan 25, 2005 |
| Grant date | Nov 24, 2009 |
| Priority date | — |
| Expiry date | Jun 17, 2027 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A flow assignment module identifies different network flows' characteristics and the characteristics of the signatures for the different network flows. Based on the identified characteristics, the flow assignment module assigns a network flow to a hash table among a small set of hash tables for storing signatures for that network flow. The flow assignment module assigns the network flow in such a way to minimize the likelihood that a signature for the network flow is hashed to a table entry that frequently occurs in a different network flow assigned to the same hash table. The flow assignment module identifies a hash table for the network flow where there is the least overlap between a signature for that network flow and a frequent byte in another network flow.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.