Authors: Alka Gupta; Lalit Sen Sharma
Addresses: Department of Computer Science and IT, University of Jammu, J & K, India ' Department of Computer Science and IT, University of Jammu, J & K, India
Abstract: Internet has shown a tremendous growth in the last few years and along with it, the impact, quality and quantity of threats on it have also increased. Organisations are striving to find methods to protect their data and network from the existing and emerging threats. Defence and monitoring system have become an essential part of all organisations who want to secure their data against network threats. This paper presents a categorical survey on the various research techniques taken for improving the performance of open-source intrusion detection system, Snort – de facto in the field of intrusion detection and prevention. The pros and cons of all the techniques have been presented. A novel parallel architecture has been proposed to increase the performance of Snort-IDS in a high speed network. The architecture is based on the constituent protocol proportions of the network traffic.
Keywords: keywords-network intrusion detection system; parallel architecture; Snort; signature-based; pattern-matching; HIDS; NIDS.
International Journal of Information and Computer Security, 2020 Vol.13 No.3/4, pp.337 - 356
Received: 08 Feb 2018
Accepted: 28 Aug 2018
Published online: 06 May 2020 *