Computer and Modernization ›› 2012, Vol. 198 ›› Issue (2): 165-167.doi: 10.3969/j.issn.1006-2475.2012.02.044

• 信息安全 • Previous Articles     Next Articles

Design and Realization of Dynamic Rule Sets of Snort Based on Threshold of Statistics

REN Bing-zhong1, KONG Wen-huan2   

  1. 1.Department of Electrical Engineering and Information, Shandong University of Science and Technology, Ji’nan 250031, China;2. Ji’nan Vocational College of Foreign Language, Ji’nan 250021, China
  • Received:2011-10-18 Revised:1900-01-01 Online:2012-02-24 Published:2012-02-24

Abstract: Snort is an opensource intrusion detection system. It detects intrusion with the static rule sets. The paper analyses the rationale and model of intrusion detection system. It introduces how to configure the static rule sets of Snort, describes a method of making dynamic rule sets according to the threshold of statistics flow and the threshold of alert frequency, this method improves and enhances the deployment of flexibility Snort should have.

Key words: intrusion detection system (IDS), rule set, dynamic configuration, Snort

CLC Number: