Abstract
Nowadays, organizations discover that it is essential to protect their valuable information and internal resources from unauthorized access like deploying firewall. Firewall could prevent unauthorized access, but it cannot monitor network attacks. Another network security tool such as intrusion detection system is necessary to perform network activities monitoring. With the recent trend of high-speed networks, a large volume of data should be analyzed and processed with high-speed infrastructure. To promote the performance of network intrusion detection system and reduce the processing time of the traffic, present studies on network intrusion detection system for high-speed network focus on parallel techniques as an alternative. In this paper, a kind of parallelism is proposed to improve the performance of signature based intrusion detection system. The experimental results show that by the use of two signature based network intrusion detection systems running Snort in parallel with a portion of packets and a subset of rules, and distributing the traffic between them, the processing time of the traffic will be reduced. Consequently, the performance of the system will be improved.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2011 IEEE 3rd International Conference on Communication Software and Networks, ICCSN 2011 |
Publisher | IEEE, Institute of Electrical and Electronics Engineers |
Pages | 692-696 |
Number of pages | 5 |
ISBN (Print) | 978-161284485-5 |
DOIs | |
Publication status | Published - 2011 |
Externally published | Yes |
Event | IEEE International Conference on Communication Software and Networks (ICCSN 2011 3rd) - Xi'an; China, Xi'an, China Duration: 27 May 2011 → 29 May 2011 Conference number: 2011 (3rd) 86671 |
Conference
Conference | IEEE International Conference on Communication Software and Networks (ICCSN 2011 3rd) |
---|---|
Abbreviated title | ICCSN 2011 |
Country/Territory | China |
City | Xi'an |
Period | 27/05/11 → 29/05/11 |