首页    期刊浏览 2024年12月02日 星期一
登录注册

文章基本信息

  • 标题:Performance Improvement by Coordinating Configurations of Independently-managed NIDS
  • 本地全文:下载
  • 作者:Miyuki Hanaoka ; Kenji Kono ; Toshio Hirotsu
  • 期刊名称:International Journal of Computer Science and Network Security
  • 印刷版ISSN:1738-7906
  • 出版年度:2011
  • 卷号:11
  • 期号:5
  • 页码:1-11
  • 出版社:International Journal of Computer Science and Network Security
  • 摘要:Because of today's increased traffic volume and sophisticated attacks, implementing a network intrusion detection/prevention system (NIDS/NIPS) with a single workstation has been chal-lenging. In this paper, we propose Brownie, a system for im-proving performance by coordinating configurations of already-existing, independently-managed NIDSs in an organization. In-stead of installing one expensive hardware or parallel NIDSs at a network entry point, Brownie achieves performance improvement by 1) offloading overloaded NIDS, and 2) eliminating redundant rules. First, Brownie exchanges NIDSs' load status and transfers some rules from overloaded to light-loaded NIDSs, which prevents the overloaded NIDSs from bottlenecking the network. Second, if some NIDSs on a network path enable the same rules, Brownie eliminates the redundant rules, which reduces the aggregate overhead of the NIDSs. The experimental results with a web server benchmark suggest that Brownie increases the benchmark throughput by more than 10%. In addition, Brownie running with a university full-packet trace successfully offloads overloaded NIDS and eliminates redundant rules.
  • 关键词:Network Security; Network Intrusion Detection-Prevention System; Performance
国家哲学社会科学文献中心版权所有