Title | ||
---|---|---|
Improving the performance of signature-based network intrusion detection sensors by multi-threading |
Abstract | ||
---|---|---|
Signature-based Network Intrusion Detection System (NIDS) sensors match network packets against a pre-configured set of intrusion signatures. Current implementations of NIDS sensors employ only a single thread of execution and as a consequence benefit very little from multi-processor hardware platforms. A multi-threaded sensor would allow more efficient and scalable exploitation of these multi-processor machines. We present in detail a number of novel designs for a multi-threaded NIDS sensor and provide performance evaluation figures for a number of multi-threaded implementations of the popular open-source Snort system. |
Year | DOI | Venue |
---|---|---|
2004 | 10.1007/978-3-540-31815-6_16 | WISA |
Keywords | Field | DocType |
multi-processor machine,multi-threaded sensor,nids sensor,intrusion signature,multi-threaded implementation,multi-threaded nids sensor,consequence benefit,signature-based network intrusion detection,multi-processor hardware platform,current implementation | Multithreading,Host-based intrusion detection system,Computer science,Computer security,Network packet,Thread (computing),Real-time computing,Anomaly-based intrusion detection system,Implementation,Intrusion detection system,Embedded system,Scalability | Conference |
Volume | ISSN | ISBN |
3325 | 0302-9743 | 3-540-24015-2 |
Citations | PageRank | References |
14 | 1.10 | 5 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Bart Haagdorens | 1 | 14 | 1.10 |
Tim Vermeiren | 2 | 24 | 2.17 |
Marnix Goossens | 3 | 27 | 3.84 |