Predicting the resource consumption of network intrusion detection systems

Authors:
Holger Dreger;Anja Feldmann;Vern Paxson;Robin Sommer
Affiliations:
Siemens AG, Corporate Technology, Munich, Germany;Deutsche Telekom Labs/TU-Berlin, Berlin, Germany;ICSI/LBNL, Berkeley, CA, USA;LBNL/ICSI, Berkeley, CA, USA
Venue:
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Year:
2008

Citing 4
Cited 2

Bro: a system for detecting network intruders in real-time

Computer Networks: The International Journal of Computer and Telecommunications Networking
Enhancing byte-level network intrusion detection signatures with context

Proceedings of the 10th ACM conference on Computer and communications security
Operational experiences with high-volume network intrusion detection

Proceedings of the 11th ACM conference on Computer and communications security
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration

Dialog-based payload aggregation for intrusion detection

Proceedings of the 17th ACM conference on Computer and communications security
New opportunities for load balancing in network-wide intrusion detection systems

Proceedings of the 8th international conference on Emerging networking experiments and technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

When installing network intrusion detection systems (NIDSs), operators are faced with a large number of parameters and analysis options for tuning trade-offs between detection accuracy versus resource requirements. In this work we set out to assist this process by understanding and predicting the CPU and memory consumption of such systems.