Approximate Reduction of Finite Automata for High-Speed Network Intrusion Detection

dc.contributor.authorČeška, Milancs
dc.contributor.authorHavlena, Vojtěchcs
dc.contributor.authorHolík, Lukášcs
dc.contributor.authorLengál, Ondřejcs
dc.contributor.authorVojnar, Tomášcs
dc.coverage.issue2cs
dc.coverage.volume10806cs
dc.date.issued2018-02-23cs
dc.description.abstractWe consider the problem of approximate reduction of non-deterministic automata that appear in hardware-accelerated network intrusion detection systems (NIDSes). We define an error distance of a reduced automaton from the original one as the probability of packets being incorrectly classified by the reduced automaton (wrt the probabilistic distribution of packets in the network traffic). We use this notion to design an approximate reduction procedure that achieves a great size reduction (much beyond the state-of-the-art language preserving techniques) with a controlled and small error. We have implemented our approach and evaluated it on use cases from Snort , a popular NIDS. Our results provide experimental evidence that the method can be highly efficient in practice, allowing NIDSes to follow the rapid growth in the speed of networks.en
dc.description.abstractČlánek se zaobírá přibližnou redukcí konečných automatů pro detekci útoků ve vysokorychlostních sítích.cs
dc.formattextcs
dc.format.extent155-175cs
dc.format.mimetypeapplication/pdfcs
dc.identifier.citationLecture Notes in Computer Science. 2018, vol. 10806, issue 2, p. 155-175.en
dc.identifier.doi10.1007/978-3-319-89963-3_9cs
dc.identifier.issn0302-9743cs
dc.identifier.orcid0000-0002-0300-9727cs
dc.identifier.orcid0000-0003-4375-7954cs
dc.identifier.orcid0000-0001-6957-1651cs
dc.identifier.orcid0000-0002-3038-5875cs
dc.identifier.orcid0000-0002-2746-8792cs
dc.identifier.other147192cs
dc.identifier.researcheridAAI-4516-2020cs
dc.identifier.researcheridK-5057-2015cs
dc.identifier.scopus7006749648cs
dc.identifier.scopus57189895456cs
dc.identifier.scopus24468124100cs
dc.identifier.scopus24822331700cs
dc.identifier.scopus8727483800cs
dc.identifier.urihttp://hdl.handle.net/11012/195256
dc.language.isoencs
dc.publisherSpringer Verlagcs
dc.relation.ispartofLecture Notes in Computer Sciencecs
dc.relation.urihttps://www.fit.vut.cz/research/publication/11657/cs
dc.rightsCreative Commons Attribution 4.0 Internationalcs
dc.rights.accessopenAccesscs
dc.rights.sherpahttp://www.sherpa.ac.uk/romeo/issn/0302-9743/cs
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/cs
dc.subjectapproximate reductionen
dc.subjectprobabilistic distanceen
dc.subjectfinite automataen
dc.subjectprobabilistic automatonen
dc.subjectnetwork intrusion detectionen
dc.titleApproximate Reduction of Finite Automata for High-Speed Network Intrusion Detectionen
dc.title.alternativePřibližná redukce konečných automatů pro detekci útoků ve vysokorychlostních sítíchcs
dc.type.driverconferenceObjecten
dc.type.statusPeer-revieweden
dc.type.versionpublishedVersionen
sync.item.dbidVAV-147192en
sync.item.dbtypeVAVen
sync.item.insts2024.03.25 03:46:04en
sync.item.modts2024.03.25 03:14:28en
thesis.grantorVysoké učení technické v Brně. Fakulta informačních technologií. Ústav inteligentních systémůcs
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Ceska2018_Chapter_ApproximateReductionOfFiniteAu.pdf
Size:
660.65 KB
Format:
Adobe Portable Document Format
Description:
Ceska2018_Chapter_ApproximateReductionOfFiniteAu.pdf