Modeling and Performance Analysis on the Response Capacity against Alert Information in an Intrusion Detection System


The KIPS Transactions:PartC, Vol. 12, No. 6, pp. 855-864, Oct. 2005
DOI: 10.3745/KIPSTC.2005.12.6.855

Abstract

In this paper, we propose an intrusion detection system (IDS) architecture that can detect and respond to the generation of abnormal traffic such as malicious code and Internet worms. We model the system, and design and implement a simulator using OPNET Modeler, for the performance analysis of the response capacity against alert information in the proposed system. First, we model the arrival process of alert information resulting from abnormal traffic. To model the situation in which alert information is intensively produced, we apply the IBP (Interrupted Bernoulli Process), which represents the burstiness of traffic well. We then perform the simulation to gain a quantitative understanding of the system with respect to our performance parameters. Based on the results of the performance analysis, we analyze factors that may hinder accelerating the speed of the security node, and present some methods to enhance performance.



Cite this article
[IEEE Style]
Y. H. Jeon, J. S. Jang, J. S. Jang, "Modeling and Performance Analysis on the Response Capacity against Alert Information in an Intrusion Detection System," The KIPS Transactions:PartC, vol. 12, no. 6, pp. 855-864, 2005. DOI: 10.3745/KIPSTC.2005.12.6.855.

[ACM Style]
Yong Hee Jeon, Jung Sook Jang, and Jong Soo Jang. 2005. Modeling and Performance Analysis on the Response Capacity against Alert Information in an Intrusion Detection System. The KIPS Transactions:PartC, 12, 6, (2005), 855-864. DOI: 10.3745/KIPSTC.2005.12.6.855.