A Comparison Of The Resource Requirements Of Snort And Bro In Production Networks
- Barnett, Richard J, Irwin, Barry V W
- Authors: Barnett, Richard J , Irwin, Barry V W
- Date: 2009
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430040 , vital:72661 , https://www.iadisportal.org/applied-computing-2009-proceedings
- Description: Intrusion Detection is essential in modern networking. However, with the increas-ing load on modern networks, the resource requirements of NIDS are significant. This paper explores and compares the requirements of Snort and Bro, and finds that Snort is more efficient at processing network traffic than Bro. It also finds that both systems are capable of analysing current network loads on commodity hardware, but may be unable to do so for higher bandwidth networks. This is ben-eficial in a South African context due to the increasing international bandwidth that will come online with the launch of the SEACOM Cable, and local projects such as SANREN.
- Full Text:
- Authors: Barnett, Richard J , Irwin, Barry V W
- Date: 2009
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430040 , vital:72661 , https://www.iadisportal.org/applied-computing-2009-proceedings
- Description: Intrusion Detection is essential in modern networking. However, with the increas-ing load on modern networks, the resource requirements of NIDS are significant. This paper explores and compares the requirements of Snort and Bro, and finds that Snort is more efficient at processing network traffic than Bro. It also finds that both systems are capable of analysing current network loads on commodity hardware, but may be unable to do so for higher bandwidth networks. This is ben-eficial in a South African context due to the increasing international bandwidth that will come online with the launch of the SEACOM Cable, and local projects such as SANREN.
- Full Text:
Performance Effects of Concurrent Virtual Machine Execution in VMware Workstation 6
- Barnett, Richard J, Irwin, Barry V W
- Authors: Barnett, Richard J , Irwin, Barry V W
- Date: 2009
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429966 , vital:72655 , https://doi.org/10.1007/978-90-481-3660-5_56
- Description: The recent trend toward virtualized computing both as a means of serv-er consolidation and as a powerful desktop computing tool has lead into a wide variety of studies into the performance of hypervisor products. This study has investigated the scalability of VMware Workstation 6 on the desktop platform. We present comparative performance results for the concurrent execution of a number of virtual machines. A through statistical analysis of the performance results highlights the perfor-mance trends of different numbers of concurrent virtual machines and concludes that VMware workstation can scale in certain contexts. We find that there are different performance benefits dependant on the ap-plication and that memory intensive applications perform less effective-ly than those applications which are IO intensive. We also find that run-ning concurrent virtual machines offers a significant performance de-crease, but that the drop thereafter is less significant.
- Full Text:
- Authors: Barnett, Richard J , Irwin, Barry V W
- Date: 2009
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429966 , vital:72655 , https://doi.org/10.1007/978-90-481-3660-5_56
- Description: The recent trend toward virtualized computing both as a means of serv-er consolidation and as a powerful desktop computing tool has lead into a wide variety of studies into the performance of hypervisor products. This study has investigated the scalability of VMware Workstation 6 on the desktop platform. We present comparative performance results for the concurrent execution of a number of virtual machines. A through statistical analysis of the performance results highlights the perfor-mance trends of different numbers of concurrent virtual machines and concludes that VMware workstation can scale in certain contexts. We find that there are different performance benefits dependant on the ap-plication and that memory intensive applications perform less effective-ly than those applications which are IO intensive. We also find that run-ning concurrent virtual machines offers a significant performance de-crease, but that the drop thereafter is less significant.
- Full Text:
Towards a taxonomy of network scanning techniques
- Barnett, Richard J, Irwin, Barry V W
- Authors: Barnett, Richard J , Irwin, Barry V W
- Date: 2008
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430310 , vital:72682 , https://doi.org/10.1145/1456659.1456660
- Description: Network scanning is a common reconnaissance activity in network in-trusion. Despite this, it's classification remains vague and detection sys-tems in current Network Intrusion Detection Systems are incapable of detecting many forms of scanning traffic. This paper presents a classi-fication of network scanning and illustrates how complex and varied this activity is. The presented classification extends previous, well known, definitions of scanning traffic in a manner which reflects this complexity.
- Full Text:
- Authors: Barnett, Richard J , Irwin, Barry V W
- Date: 2008
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430310 , vital:72682 , https://doi.org/10.1145/1456659.1456660
- Description: Network scanning is a common reconnaissance activity in network in-trusion. Despite this, it's classification remains vague and detection sys-tems in current Network Intrusion Detection Systems are incapable of detecting many forms of scanning traffic. This paper presents a classi-fication of network scanning and illustrates how complex and varied this activity is. The presented classification extends previous, well known, definitions of scanning traffic in a manner which reflects this complexity.
- Full Text:
- «
- ‹
- 1
- ›
- »