Mobile Information Systems / 2017 / Article / Tab 6

Research Article

An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System

Table 6

Optimization of General Rules.

Command format Selection of detection rule standardization

GeneralmsgMessage to record when detecting

Command format Excluded detection rules standardized/excluded reasons

GeneralreferenceReferences to additional informationExcluded as an additional option for reference of detection rule information
gidAlert generation module idExcept for the module ID of the configuration module and the ID of the detection rule (Snort-specific function)
sidUse to distinguish Snort detection rules
<100 reserved number for future use
100–1,000,000 number assigned by Snort
>1,000,000 custom rule assignment numbers
revInformation on revision of rules with sidExcluded as an option for versioning of detection rules
classtypeInformation that can classify an attackExcluded as an option for risk display and classification of detection
prioritySignificance of detection rules (top/middle/bottom)Exclude as an option for indicating the importance of detection rules

Article of the Year Award: Outstanding research contributions of 2020, as selected by our Chief Editors. Read the winning articles.