Patent · US Active

Method and apparatus for storing intrusion rule

US7735137B2 · kind B2 · utility

5Cited by

1References

7Claims

0Family size

Assignee

KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY · KR

Inventors

Kwang Ho Baik · Fujian, CN
Byoung-Koo KIM · Daejeon, KR
Jin Tae Oh · Daejeon, KR
Jong Soo Jang · Jicheon-myeon, KR
Sung Won Sohn · Daejeon, KR

Key dates

Filing date	Jul 10, 2006
Grant date	Jun 8, 2010
Priority date	—
Expiry date	Mar 22, 2029

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method and apparatus for storing an intrusion rule are provided. The method stores a new intrusion rule in an intrusion detection system having already stored intrusion rules, and includes: generating combinations of divisions capable of dividing the new intrusion rule into a plurality of partial intrusion rules; calculating the frequency of hash value collisions between each of the generated division combinations and the already stored intrusion rules; dividing the new intrusion rule according to the division combination which has the lowest calculated frequency of hash value collisions; and storing the divided new intrusion rule in a corresponding position of the intrusion detection system. According to the method and apparatus, the size of the storage unit occupied by the intrusion rule can be reduced, and by performing pattern matching, the performance of the intrusion detection system can be enhanced.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.