Abstract
This paper outlines an innovative software development that utilises Quality of Service (QoS) and parallel technologies in Cisco Catalyst Switches to increase the analytical performance of a Network Intrusion Detection and Protection System (NIDPS) when deployed in high-speed networks. We have designed a real network to present experiments that use a Snort NIDPS. Our experiments demonstrate the weaknesses of NIDPSs, such as inability to process multiple packets and propensity to drop packets in heavy traffic and high-speed networks without analysing them. We tested Snort's analysis performance, gauging the number of packets sent, analysed, dropped, filtered, injected, and outstanding. We suggest using QoS configuration technologies in a Cisco Catalyst 3560 Series Switch and parallel Snorts to improve NIDPS performance and to reduce the number of dropped packets. Our results show that our novel configuration improves performance.
Original language | English |
---|---|
Pages (from-to) | 981-999 |
Journal | Journal of Computer and System Sciences |
Volume | 81 |
Issue number | 6 |
Early online date | 18 Dec 2014 |
DOIs | |
Publication status | Published - Sept 2015 |
Bibliographical note
“NOTICE: this is the author’s version of a work that was accepted for publication in Journal of Computer and System Sciences. Changes resulting from the publishing process, such as
peer review, editing, corrections, structural formatting, and other quality control
mechanisms may not be reflected in this document. Changes may have been made to this
work since it was submitted for publication. A definitive version was subsequently published
in Journal of Computer and System Sciences, [in press] DOI 10.1016/j.jcss.2014.12.012”
Keywords
- Network security
- Intrusion detection system
- Intrusion protection system
- Parallel processing
- Switch configuration
- Quality of Service