Research Article
An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System
Table 8
Optimization of Payload Detection Rules.
| | Command format | Selection of detection rule standardization |
| Payload Detection
| isdataat | Check if the payload has a certain number of bytes | | pcre | Search by regular expression | | byte_test | Compare with specific value after specific byte operation | | uricontent | Search patterns from URI information in HTTP |
| | Command format | Excluded detection rules standardized/excluded Reasons |
| | Payload Detection | urilen | Check HTTP URI length | Excluded as assignable opting using mandatory option | | ftpbounce | FTP bounce attack detection | Excluded as assignable opting using mandatory option | | asn1 | Detect malicious encoding | | cvs | Detect invalid Entry String in CVS | | dce_iface | DCE/RPC request traffic pattern detection | | dce_opnum | | dce_stup_data |
|
|
