Intrusion Prevention System Decision Diagram in Security-as-a-Service Solutions
Published in | Multimedia Communications, Services and Security Vol. 785; pp. 47 - 61 |
---|---|
Main Authors | , , , |
Format | Book Chapter |
Language | English |
Published | Switzerland: Springer International Publishing AG, 2017; Springer International Publishing |
Series | Communications in Computer and Information Science |
Subjects | |
Summary: | Intrusion prevention systems are widely used as one of the core security services deployed by the majority of contemporary organizations. Although simple in operation, they tend to be difficult to configure due to the wide range of vendors using different algorithms to implement intrusion prevention system security policies. The most popular, rule-based representation of intrusion prevention system security policies frequently suffers from redundant, conflicting and deficient security rules which may lead to confusion and misconfigurations. This article introduces and presents the intrusion prevention system decision diagram as a new and formal representation of signature-based intrusion prevention system security policies. It is shown that in this diagram the issue of redundant, conflicting and deficient security rules is fully eliminated. Thanks to a tree-based structure the intrusion prevention system decision diagram is also well suited for use in privacy-preserving solutions for cloud-based security services. Finally, with fewer computationally-expensive pattern-matching operations, the intrusion prevention system decision diagram is a better performing packet examination engine than the rule-based engine. This finding was confirmed by experimental results. |
---|---|
ISBN: | 3319699105 9783319699103 |
ISSN: | 1865-0929 1865-0937 |
DOI: | 10.1007/978-3-319-69911-0_4 |