| Title | Performance comparison and optimization of mainstream NIDS systems in offline mode based on parallel processing technology |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Zhou, Tianyang |
| Conference Name | 2021 2nd International Conference on Computing and Data Science (CDS) |
| Keywords | Data Science, Instruction sets, Metrics, multicore computing security, Multicore processing, network intrusion detection, NIDS, parallel processing, performance comparison, pubcrawl, resilience, Resiliency, Scalability, Snort2, Snort3, Software algorithms, Suricata, System performance |
| Abstract | For the network intrusion detection system (NIDS), improving the performance of the analysis process has always been one of the primary goals that NIDS needs to solve. An important method to improve performance is to use parallel processing technology to maximize the usage of multi-core CPU resources. In this paper, by splitting Pcap data packets, the NIDS software Snort3 can process Pcap packets in parallel mode. On this basis, this paper compares the performance between Snort2, Suricata, and Snort3 with different CPU cores in processing different sizes of Pcap data packets. At the same time, a parallel unpacking algorithm is proposed to further improve the parallel processing performance of Snort3. |
| DOI | 10.1109/CDS52072.2021.00030 |
| Citation Key | zhou_performance_2021 |
Performance comparison and optimization of mainstream NIDS systems in offline mode based on parallel processing technology