SNORTRAN: An Optimizing Compiler for Snort Rules. Fidelis Security Systems. SNORTRAN: An Optimizing Compiler for Snort Rules White Paper. Snortran is an optimizing compiler for intrusion detection rules popularized by an open-source Snort IDS. While Snort and Snort-like rules are usually thought of as a list of independent patterns to be tested in a sequential order, we demonstrate that common compilation techniques are directly applicable to Snort rule sets and are able to produce high-performance matching engines. SNORTRAN combines several compilation techniques, including cost-optimized decision trees, pattern matching precompilation, and string set clustering. Although all these techniques have been used before in other domain-specific languages, we believe their synthesis in SNORTRAN is original and unique.
Keywords for this software
References in zbMATH (referenced in 1 article )
Showing result 1 of 1.
- Monsanto, Christopher; Foster, Nate; Harrison, Rob; Walker, David: A compiler and run-time system for network programming languages (2012)