A parallel technique for improving the performance of signature-based network intrusion detection system

F.I. Shiri, B. Shanmugam, N.B. Idris

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in Proceedings

Abstract

Nowadays, organizations discover that it is essential to protect their valuable information and internal resources from unauthorized access like deploying firewall. Firewall could prevent unauthorized access, but it cannot monitor network attacks. Another network security tool such as intrusion detection system is necessary to perform network activities monitoring. With the recent trend of high-speed networks, a large volume of data should be analyzed and processed with high-speed infrastructure. To promote the performance of network intrusion detection system and reduce the processing time of the traffic, present studies on network intrusion detection system for high-speed network focus on parallel techniques as an alternative. In this paper, a kind of parallelism is proposed to improve the performance of signature based intrusion detection system. The experimental results show that by the use of two signature based network intrusion detection systems running Snort in parallel with a portion of packets and a subset of rules, and distributing the traffic between them, the processing time of the traffic will be reduced. Consequently, the performance of the system will be improved.
Original languageEnglish
Title of host publicationProceedings of the 2011 IEEE 3rd International Conference on Communication Software and Networks, ICCSN 2011
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages692-696
Number of pages5
ISBN (Print)978-161284485-5
DOIs
Publication statusPublished - 2011
Externally publishedYes
EventIEEE International Conference on Communication Software and Networks (ICCSN 2011 3rd) - Xi'an; China, Xi'an, China
Duration: 27 May 201129 May 2011
Conference number: 2011 (3rd) 86671

Conference

ConferenceIEEE International Conference on Communication Software and Networks (ICCSN 2011 3rd)
Abbreviated titleICCSN 2011
CountryChina
CityXi'an
Period27/05/1129/05/11

Fingerprint Dive into the research topics of 'A parallel technique for improving the performance of signature-based network intrusion detection system'. Together they form a unique fingerprint.

  • Cite this

    Shiri, F. I., Shanmugam, B., & Idris, N. B. (2011). A parallel technique for improving the performance of signature-based network intrusion detection system. In Proceedings of the 2011 IEEE 3rd International Conference on Communication Software and Networks, ICCSN 2011 (pp. 692-696). [6014986] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICCSN.2011.6014986