Performance Evaluation of Different Pattern Matching Algorithms of Snort
Journal: International Journal of Advanced Networking and Applications (Vol.10, No. 02)Publication Date: 2018-10-20
Authors : Abhigya Mahajan; Alka Gupta; Lalit Sen Sharma;
Page : 3776-3781
Keywords : Bnfa; D-ITG; NIDS; pattern-matching; Scapy; Snort; sparsebands;
Abstract
Snort is the most widely deployed Network Intrusion Detection System (NIDS) whose performance is dominated by the pattern matching of packets in the network. In this paper, we present an experimental evaluation and comparison of the performance of different pattern matching algorithms of Snort NIDS namely ac-q, ac-bnfa, acsplit,
ac-banded and ac-sparsebands on Linux Operating System (Ubuntu Server 16.04). Snort's performance is measured by subjecting the server running Snort v2.9.9.1 to live malicious traffic and a standard dataset. The performance is calculated and compared in terms of throughput, memory utilization and CPU utilization.
Other Latest Articles
- Hydrology and Suitability of Ground Water in Samawa for the Different Purposes
- User Authentication Using Image Processing Techniques
- Optimized Approach for Collaborative eLearning using Real-Time Social Networks
- Future DASH Applications: a Survey
- Violent and Threatening Behavior of War Veterans with Post Traumatic Stress Disorder! The Forced Psychiatric Treatment is an Obligation, or is A Violence of Human Rights? Case Presentation
Last modified: 2018-11-30 16:09:23