Improving network intrusion detection system performance through quality of service configuration and parallel technology

Bul'ajoul, W ORCID logoORCID: https://orcid.org/0000-0003-4927-9500, James, A ORCID logoORCID: https://orcid.org/0000-0001-9274-7803 and Pannu, M, 2015. Improving network intrusion detection system performance through quality of service configuration and parallel technology. Journal of Computer and System Sciences, 81 (6), pp. 981-999. ISSN 0022-0000

[thumbnail of PubSub10365_James.pdf]
Preview
Text
PubSub10365_James.pdf - Pre-print

Download (1MB) | Preview

Abstract

This paper outlines an innovative software development that utilizes Quality of Service (QoS) and parallel technologies in Cisco Catalyst Switches to increase the analytical performance of a Network Intrusion Detection and Protection System (NIDPS) when deployed in highspeed networks. We have designed a real network to present experiments that use a Snort NIDPS. Our experiments demonstrate the weaknesses of NIDPSes, such as inability to process multiple packets and propensity to drop packets in heavy traffic and high-speed networks without analysing them. We tested Snort’s analysis performance, gauging the number of packets sent, analysed, dropped, filtered, injected, and outstanding. We suggest using QoS configuration technologies in a Cisco Catalyst 3560 Series Switch and parallel Snorts to improve NIDPS performance and to reduce the number of dropped packets. Our results show that our novel configuration improves performance.

Item Type: Journal article
Publication Title: Journal of Computer and System Sciences
Creators: Bul'ajoul, W., James, A. and Pannu, M.
Publisher: Elsevier Inc.
Date: September 2015
Volume: 81
Number: 6
ISSN: 0022-0000
Identifiers:
Number
Type
10.1016/j.jcss.2014.12.012
DOI
S0022000014001767
Publisher Item Identifier
Divisions: Schools > School of Science and Technology
Record created by: Jill Tomkinson
Date Added: 27 Feb 2018 11:09
Last Modified: 13 Mar 2019 15:06
URI: https://irep.ntu.ac.uk/id/eprint/32819

Actions (login required)

Edit View Edit View

Statistics

Views

Views per month over past year

Downloads

Downloads per month over past year