Re-examining the performance bottleneck in a NIDS with detailed profiling

Bro: a system for detecting network intruders in real-time

Computer Networks: The International Journal of Computer and Telecommunications Networking

Efficient string matching: an aid to bibliographic search

Communications of the ACM

Toward cost-sensitive modeling for intrusion detection and response

Journal of Computer Security

A high-level programming environment for packet trace anonymization and transformation

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications

Operational experiences with high-volume network intrusion detection

Proceedings of the 11th ACM conference on Computer and communications security

Fast and scalable pattern matching for content filtering

Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems

Fast and memory-efficient regular expression matching for deep packet inspection

Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems

Backtracking Algorithmic Complexity Attacks against a NIDS

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference

Robust TCP stream reassembly in the presence of adversaries

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14

Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention

Proceedings of the 14th ACM conference on Computer and communications security

Efficient and Robust TCP Stream Normalization

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy

Using String Matching for Deep Packet Inspection

Computer

Enriching network security analysis with time travel

Proceedings of the ACM SIGCOMM 2008 conference on Data communication

Gnort: High Performance Network Intrusion Detection Using Graphics Processors

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection

Conservative vs. Optimistic Parallelization of Stateful Network Intrusion Detection

ISPASS '08 Proceedings of the ISPASS 2008 - IEEE International Symposium on Performance Analysis of Systems and software

An architecture for exploiting multi-core processors to parallelize network intrusion prevention

Concurrency and Computation: Practice & Experience - Multi-core Supported Network and System Security

Hardware Architecture for High-Performance Regular Expression Matching

IEEE Transactions on Computers

Performance evaluation comparison of Snort NIDS under Linux and Windows Server

Journal of Network and Computer Applications

Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems

RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection

Multi-byte Regular Expression Matching with Speculation

RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection

Performance adaptation in real-time intrusion detection systems

RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection

Fast regular expression matching using small TCAMs for network intrusion detection and prevention systems

USENIX Security'10 Proceedings of the 19th USENIX conference on Security

On campus beta site: architecture designs, operational experience, and top product defects

IEEE Communications Magazine

Embedded Network Intrusion Detection Systems with a Multi-core Aware Packet Capture Module

ICPPW '11 Proceedings of the 2011 40th International Conference on Parallel Processing Workshops