Thursday, January 3, 2008
Detecting Credit Card Numbers
I was investigating this about a year ago and got to similar conclusions. The cost of doing CCN detection while processing requests and responses via an IDS/IPS should be seamless if the system scales with the number of regular expressions (rather than iterating over them as one as to do with PCRE like libraries), as transducer based technology allows.
Calculating luhn and applying other means to reduce false positives has a negative impact on performance (although this can be reduced to some extent).
at 3:45 PM