DocumentCode
1802375
Title
Evaluating Intrusion Detection Systems in High Speed Networks
Author
Alserhani, Faeiz ; Akhlaq, Monis ; Awan, Irfan U. ; Mellor, John ; Cullen, Andrea J. ; Mirchandani, Pravin
Author_Institution
Inf. Res. Inst., Univ. of Bradford, Bradford, UK
Volume
2
fYear
2009
fDate
18-20 Aug. 2009
Firstpage
454
Lastpage
459
Abstract
The recent era has witnessed tremendous increase in the usage of computer network applications. Users of any type and requirement are compelled to be on a network. Today, the computer has become a network machine rather than a standalone system. This has generated challenges to the network security devices in terms of accuracy and reliability.Intrusion Detection Systems (IDS) are designed for the security needs of networks. Existing Network Intrusion Detection Systems (NIDS) are found to be limited in performance and utility especially once subjected to heavy traffic conditions. It has been observed that NIDS become less effective even when presented with a bandwidth of a few hundred megabits per second. In this work, we have endeavored to identify the causes which lead to unsatisfactory performance of NIDSs. In this regard, we have conducted an extensive performance evaluation of an open source intrusion detection system (Snort). This has been done on a highly sophisticated test-bench with different traffic conditions. We have also used different hardware and software platforms to determine the efficacy of the NIDS under test. Finally, in our results/ analysis, we have identified the factors responsible for the limited performance of Snort. We have also recommended few solutions for improving the performance of Snort.
Keywords
computer networks; reliability; security of data; high speed networks; intrusion detection systems; network security devices; network traffic; performance evaluation; reliability; Application software; Bandwidth; Computer network reliability; Computer networks; Hardware; High-speed networks; Intrusion detection; Open source software; Telecommunication traffic; Testing; Attacks; Intrusion Detection Systems (IDS); Network Tarffic; Performance Evaluation; Snort;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
Conference_Location
Xi´an
Print_ISBN
978-0-7695-3744-3
Type
conf
DOI
10.1109/IAS.2009.276
Filename
5283223
Link To Document