Para-Snort: A Multi-Thread Snort on Multi-Core IA Platform

Free registration required

Executive Summary

As security threats and network bandwidth increase in a very fast pace, there is a growing interest in designing high-performance Network Intrusion Detection System (NIDS). This paper presents a parallelization strategy for the popular open-source Snort to build a high performance NIDS on multi-core IA platform. A modular design of parallel NIDS based on Snort is proposed in this paper. Named Para-Snort, it enables flexible and easy module design. This paper also analyzed the performance impact of load balancing and multi-pattern matching. Modified-JSQ and AC-WM algorithms are implemented in order to resolve the bottlenecks and improve the performance of the system.

  • Format: PDF
  • Size: 150.7 KB