Performance Evaluation of Different Pattern Matching Algorithms of Snort

Abhigya Mahajan; Alka Gupta; Lalit Sen Sharma

Performance Evaluation of Different Pattern Matching Algorithms of Snort

Abhigya Mahajan , Alka Gupta , Lalit Sen Sharma

Affiliations
1 Department of Computer Science & IT, University of Jammu, J & K, India

Snort is the most widely deployed Network Intrusion Detection System (NIDS) whose performance is dominated by the pattern matching of packets in the network. In this paper, we present an experimental evaluation and comparison of the performance of different pattern matching algorithms of Snort NIDS namely ac-q, ac-bnfa, acsplit, ac-banded and ac-sparsebands on Linux Operating System (Ubuntu Server 16.04). Snort's performance is measured by subjecting the server running Snort v2.9.9.1 to live malicious traffic and a standard dataset. The performance is calculated and compared in terms of throughput, memory utilization and CPU utilization.

Keywords

Bnfa, D-ITG, NIDS, Pattern-Matching, Scapy, Snort, Sparsebands.

I-Scholar

Journal Help

User

Notifications

Journal Content
Browse

Font Size

Information

International Journal of Advanced Networking and Applications

Performance Evaluation of Different Pattern Matching Algorithms of Snort

Keywords

Performance Evaluation of Different Pattern Matching Algorithms of Snort

Authors

Abstract

Keywords

References

Username
Password
Remember me

Username
Password
Remember me