skip to main content

Title: Intrusion detection using secure signatures

A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of the secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.
Authors:
;
Publication Date:
OSTI Identifier:
1159917
Report Number(s):
8,850,583
13/785,349
DOE Contract Number:
AC07-05ID14517
Resource Type:
Patent
Research Org:
Idaho National Laboratory (INL), Idaho Falls, ID (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING