利用多线程技术改造Snort系统

Abstract

Abstract: The Snort system is a lightweight network intrusion detection system based on rules. In this paper, the principle, the basic structure and the workflow of this system are analyzed. Aiming at the Snort system working in a single thread, a reform scheme based on the multithreading technique for developing its performance is put forward, including a queue between two function modules and a busy sign flag in every decoder and chain node. The workflow of the reformed system is described then. Finally, the performance of the reformed system is analyzed theoretically associating with the result of a simulated experiment with a simplified model, which shows the detection efficiency is increased and the rate of miss-detection is decreased, but the workloads of CPU and the computer memory are increased.

Key words: network safety, Snort, network intrusion detection system, multithreading, Snort workflow

CLC Number:

TP393

LIN Guo-qing;WANG Xin-mei. Reform of the Snort system by the multithreading technique
[J].J4, 2007, 34(6): 887-894.

[1]	LI Ming,HU Jiangping,CAO Xiaoli. Minimum cost of node deployment strategy for heterogeneous sensor networks [J]. Journal of Xidian University, 2021, 48(4): 11-19.
[2]	MA Yue,ZHANG Yumei. Method for distributed deployment of the virtual network function manager for MEC [J]. Journal of Xidian University, 2021, 48(4): 20-26.
[3]	SHEN Lixiang,MU Dejun,CAO Guo,XIE Guangqian,SHU Fangyong. Constructing formal verification models for hardware Trojans [J]. Journal of Xidian University, 2021, 48(3): 146-153.
[4]	ZENG Yong,WU Zhengyuan,DONG Lihua,LIU Zhihong,MA Jianfeng,LI Zan. Research on malicious traffic identification technology in encrypted traffic [J]. Journal of Xidian University, 2021, 48(3): 170-187.
[5]	CHAI Yanna,LI Kunlun,SONG Huansheng. On the security of the intrusion detection system in smart vehicles [J]. Journal of Xidian University, 2021, 48(3): 31-39.
[6]	LING Min,LUO Ying,YUAN Liang,JIN Chuanxue. Method for estimation of vehicular network traffic for smart transportations [J]. Journal of Xidian University, 2021, 48(3): 40-48.
[7]	LÜ Yi,ZHU Bo,WU Dapeng. Video multipath transmission mechanism with load balancing in the FiWi network [J]. Journal of Xidian University, 2021, 48(3): 63-70.
[8]	LIU Jingmei,GAO Yuanbo. Fast network intrusion detection system using adaptive binning feature selection [J]. Journal of Xidian University, 2021, 48(1): 176-182.
[9]	LIU Huayuan,SU Yunfei,LI Ruilin,TANG Chaojing. Structure-statebased graybox Fuzzing technique [J]. Journal of Xidian University, 2021, 48(1): 117-123.
[10]	FAN Meiyue,DONG Qingkuan,WANG Lei,YANG Can. TTP-free weighted muti-owner RFID tag authentication protocol [J]. Journal of Xidian University, 2021, 48(1): 133-140.
[11]	QI Xiaoxin,ZHANG Bing,QIU Zhiliang. Method for node acceptance in broadband access networks [J]. Journal of Xidian University, 2020, 47(6): 99-105.
[12]	ZHANG Yinghao,LIU Xiaofan. Preliminary research on the blockchain protocol in satellite broadcasting network environment [J]. Journal of Xidian University, 2020, 47(5): 11-18.
[13]	MA Shiyang,DONG Xuewen,QUAN Yining,TONG Wei,YANG Lingxiao. Method for evaluation of web services compatibility based on the blockchain’s consensus algorithm [J]. Journal of Xidian University, 2020, 47(5): 63-69.
[14]	ZHANG Lu,MU Dejun,HU Wei,TAI Yu. High-level synthesis design flow for power side-channel security [J]. Journal of Xidian University, 2020, 47(4): 64-69.
[15]	HE Qinlu,BIAN Genqing,SHAO Bilin,ZHANG Weiqi. Deduplication technology for the mobile flash [J]. Journal of Xidian University, 2020, 47(1): 128-134.

Reform of the Snort system by the multithreading technique

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Metrics

Comments

Recommended 7