
Performance Evaluation of Different Pattern Matching Algorithms of Snort

Journal: International Journal of Advanced Networking and Applications (Vol.10, No. 02)

Publication Date:

Authors : ; ; ;

Page : 3776-3781

Keywords : Bnfa; D-ITG; NIDS; pattern-matching; Scapy; Snort; sparsebands;


Abstract

Snort is the most widely deployed Network Intrusion Detection System (NIDS), and its performance is dominated by the pattern matching of packets in the network. In this paper, we present an experimental evaluation and comparison of the performance of different pattern matching algorithms of the Snort NIDS, namely ac-q, ac-bnfa, ac-split, ac-banded and ac-sparsebands, on the Linux operating system (Ubuntu Server 16.04). Snort's performance is measured by subjecting the server running Snort v2.9.9.1 to live malicious traffic and a standard dataset. The performance is calculated and compared in terms of throughput, memory utilization and CPU utilization.

Last modified: 2018-11-30 16:09:23