Hide metadata

dc.contributor.authorTran, Huy Nhut
dc.date.accessioned2017-08-28T22:27:55Z
dc.date.available2017-08-28T22:27:55Z
dc.date.issued2017
dc.identifier.citationTran, Huy Nhut. A Dynamic Scalable Parallel Network-based Intrusion Detection System using Intelligent Rule Ordering. Master thesis, University of Oslo, 2017
dc.identifier.urihttp://hdl.handle.net/10852/57549
dc.description.abstractAs a complex security tool, the Network-based Intrusion Detection System (NIDS) goes beyond the role of a traditional firewall, by detecting any network security threats with its advanced monitoring of network traffic and its intrusions and anomaly detecting sensors. However, the NIDS is prone to challenges and difficulties in an overloaded state, becoming a bottleneck in a network. Although many solutions have been suggested, they are not completely reliable as each of them also come with disadvantages. This paper not only investigated a design of an architecture which allows NIDS to run in parallel, but also managed to create two algorithms which dynamically adjusts and divides the signature rules evenly across NIDS nodes, showing an adaptive behavior as the result of reducing the number of packets dropped. The paper also discusses adaptive behavior as a system which is able to react and change itself based on certain system load parameters, through monitoring the hardware specifications, computer system resource, or the application code itself depending on how the model for adaption is designed. The results of this study indicate that running NIDS in parallel achieve reduction of packet dropped are achievable. Additionally dynamic scaling of NIDS nodes is functional, while maintaining the NIDS's integrity in terms of computer system resource usage and packet drop rate. All in all, this paper managed to achieve its goals by contributing to the already existent NIDS- related studies with a new architecture design which offers an innovative solution to the challenges of an overloaded NIDS system. The parallel network intrusion detection system architecture explored in this study has been verified to reduce the processing time in pattern matching, therefore, achieving the goal of enhancing the NIDS.eng
dc.language.isoeng
dc.subjectscaling
dc.subjectrule ordering
dc.subjectIDS
dc.subjectparallelization
dc.subjectsnort
dc.titleA Dynamic Scalable Parallel Network-based Intrusion Detection System using Intelligent Rule Orderingeng
dc.typeMaster thesis
dc.date.updated2017-08-28T22:27:55Z
dc.creator.authorTran, Huy Nhut
dc.identifier.urnURN:NBN:no-60306
dc.type.documentMasteroppgave
dc.identifier.fulltextFulltext https://www.duo.uio.no/bitstream/handle/10852/57549/1/Huy_Tran_Master_thesis.pdf


Files in this item

Appears in the following Collection

Hide metadata