Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Information Security
Active Snort Rules And The Needs For Computing Resources: Computing Resources Needed To Activate Different Numbers Of Snort Rules, Chad A. Arney, Xinli Wang
Active Snort Rules And The Needs For Computing Resources: Computing Resources Needed To Activate Different Numbers Of Snort Rules, Chad A. Arney, Xinli Wang
School of Technology Publications
This project was designed to discover the relationship between the number of enabled rules maintained by Snort and the amount of computing resources necessary to operate this intrusion detection system (IDS) as a sensor. A physical environment was set up to loosely simulate a network and an IDS sensor monitoring it.
The experiment was conducted in five trials. A different number of Snort rules was enabled in each trial and the corresponding utilization of computing resources was measured. Remarkable variation and a clear trend of CPU usage were observed in the experiment.