Szczegóły publikacji

Opis bibliograficzny

Intrusion prevention system decision diagram in security-as-a-service solutions / Tytus KUREK, Marcin NIEMIEC, Artur LASOŃ, Andrzej R. PACH // W: Multimedia Communications, Services and Security : 9th international conference, MCSS 2017 : Kraków, Poland, November 16-17, 2017 : proceedings / eds. Andrzej Dziech, Andrzej Czyżewski. — Cham [etc.] : Springer International Publishing, cop. 2017. — (Communications in Computer and Information Science ; ISSN 1865-0929 ; 785). — ISBN: 978-3-319-69910-3; e-ISBN: 978-3-319-69911-0. — S. 47–61. — Bibliogr. s. 60–61, Abstr. — Publikacja dostępna online od: 2017-10-21

Autorzy (4)

Słowa kluczowe

privacycloud computingdecision treeIPSSecaaS

Dane bibliometryczne

ID BaDAP112272
Data dodania do BaDAP2018-02-16
Tekst źródłowyURL
DOI10.1007/978-3-319-69911-0_4
Rok publikacji2017
Typ publikacjimateriały konferencyjne (aut.)
Otwarty dostęptak
WydawcaSpringer
KonferencjaMultimedia Communications, Services and Security : 9th international conference
Czasopismo/seriaCommunications in Computer and Information Science

Abstract

Intrusion prevention systems are widely used as one of the core security services deployed by the majority of contemporary organizations. Although simple in operation, they tend to be difficult to configure due to the wide range of vendors using different algorithms to implement intrusion prevention system security policies. The most popular, rule-based representation of intrusion prevention system security policies frequently suffers from redundant, conflicting and deficient security rules which may lead to confusion and misconfigurations. This article introduces and presents the intrusion prevention system decision diagram as a new and formal representation of signature-based intrusion prevention system security policies. It is shown that in this diagram the issue of redundant, conflicting and deficient security rules is fully eliminated. Thanks to a tree-based structure the intrusion prevention system decision diagram is also well suited for use in privacy-preserving solutions for cloud-based security services. Finally, with fewer computationally-expensive pattern-matching operations, the intrusion prevention system decision diagram is a better performing packet examination engine than the rule-based engine. This finding was confirmed by experimental results.

Publikacje, które mogą Cię zainteresować

fragment książki
Impact of Bloom Filters on security and efficiency of SecaaS services / Maciej Mencner, Marcin NIEMIEC // W: Multimedia Communications, Services and Security : 10th international conference, MCSS 2020 : Kraków, Poland, October 8–9, 2020 : proceedings. — Cham : Springer Nature Switzerland, cop. 2020. — (Communications in Computer and Information Science ; ISSN 1865-0929 ; vol. 1284). — ISBN: 978-3-030-58999-8; e-ISBN: 978-3-030-59000-0. — S. 154–167. — Bibliogr. s. 166–167, Abstr. — Publikacja dostępna online od: 2020-09-24
Szczegóły
fragment książki
Semantically enhanced navigation system using augmented reality / Krzysztof KUTT, Grzegorz J. NALEPA, Dominik Burdzy // W: Multimedia Communications, Services and Security : 9th international conference, MCSS 2017 : Kraków, Poland, November 16-17, 2017 : proceedings / eds. Andrzej Dziech, Andrzej Czyżewski. — Cham [etc.] : Springer International Publishing, cop. 2017. — (Communications in Computer and Information Science ; ISSN 1865-0929 ; 785). — ISBN: 978-3-319-69910-3; e-ISBN: 978-3-319-69911-0. — S. 62–72. — Bibliogr. s. 71–72, Abstr. — Publikacja dostępna online od: 2017-10-21
Szczegóły