IPS - signature detection - query

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi All,
   I wish to write a module for signature based detection engine.
Please anyone who knows about IPS/IDS development give me some samples
or give me the information that which source file of snort implements
signature detection.  Thanks in advance.

Halid Umar

Re: IPS - signature detection - query

Halid Umar A M wrote:

Quoted text here. Click to load it

Not something you know a lot about I guess. The answer is that the signature
recognition system is a highly complex and optimized finite state machine.
For most applications it's far too complex to design by hand so you need
some AI. The problem with path searching systems is that its a particularly
bad problem domain for finding local minima so 'fuzzier' approaches like
genetic algorithms tend to work best.



Site Timeline