I met a group from Washington University that was doing this exact
thing last year. Check their paper out:
http://www.arl.wustl.edu/~todd/hoti.pdf
I liked their approach, seemed pretty cool (and they used Snort as
their test bed).
-Marty
On Apr 12, 2006, at 12:02 AM, Raj Malhotra wrote:
Hi,
I would like to know if any of the commercial IDS/IPS vendors are
using hash based techniques such as bloom filters/rabin finger prints
for fast path filtering.
If so, i would appreciate if links to white papers or any other online
information can be shared with me.
thanks
-Ral
----------------------------------------------------------------------
--
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-
ids_040708
to learn more.
----------------------------------------------------------------------
--
--
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
