Predicting the Resource Consumption of Network Intrusion Detection Systems
When installing Network Intrusion Detection Systems (NIDSs), operators are faced with a large number of parameters and analysis options for tuning trade-offs between detection accuracy versus resource requirements. In this paper, the authors set out to assist this process by understanding and predicting the CPU and memory consumption of such systems. They begin towards this goal by devising a general NIDS resource model to capture the ways in which CPU and memory usage scale with changes in network traffic. They then use this model to predict the resource demands of different configurations in specific environments.