Research Article
An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System
Table 8
Optimization of Payload Detection Rules.
Selection of detection rule standardization:

| Command format | Detection rule | Function |
|---|---|---|
| Payload Detection | isdataat | Check if the payload has a certain number of bytes |
| | pcre | Search by regular expression |
| | byte_test | Compare with specific value after specific byte operation |
| | uricontent | Search patterns from URI information in HTTP |

Excluded detection rules standardized/excluded reasons:

| Command format | Detection rule | Function | Reason for exclusion |
|---|---|---|---|
| Payload Detection | urilen | Check HTTP URI length | Excluded as assignable opting using mandatory option |
| | ftpbounce | FTP bounce attack detection | Excluded as assignable opting using mandatory option |
| | asn1 | Detect malicious encoding | |
| | cvs | Detect invalid Entry String in CVS | |
| | dce_iface | DCE/RPC request traffic pattern detection | |
| | dce_opnum | | |
| | dce_stub_data | | |