Improving performance of network intrusion detection systems through concurrent mechanisms

Atakan, Mustafa
As the bandwidth of present networks gets larger than the past, the demand of Network Intrusion Detection Systems (NIDS) that function in real time becomes the major requirement for high-speed networks. If these systems are not fast enough to process all network traffic passing, some malicious security violations may take role using this drawback. In order to make that kind of applications schedulable, some concurrency mechanism is introduced to the general flowchart of their algorithm. The principal aim is to fully utilize each resource of the platform and overlap the independent parts of the applications. In the sense of this context, a generic multi-threaded infrastructure is designed and proposed. The concurrency metrics of the new system is analyzed and compared with the original ones.


A simple and effective mechanism for stored video streaming with TCP transport and server-side adaptive frame discard
Gurses, E; Akar, Gözde; Akar, N (Elsevier BV, 2005-07-15)
Transmission control protocol (TCP) with its well-established congestion control mechanism is the prevailing transport layer protocol for non-real time data in current Internet Protocol (IP) networks. It would be desirable to transmit any type of multimedia data using TCP in order to take advantage of the extensive operational experience behind TCP in the Internet. However, some features of TCP including retransmissions and variations in throughput and delay, although not catastrophic for non-real time data...
Mobile multi-access IP: a proposal for mobile multi-access management in future wireless IP networks
Altuntas, S; Baykal, Buyurman (Elsevier BV, 2005-03-15)
As the wireless networking technologies advance rapidly, providing mobile users with roaming freely in heterogeneous wireless access domains, the need for multi-access arises. This paper introduces the Mobile Multi-Access Management Architecture (MMA-IP) for IP-based future wireless networks. MMA-IP enables mobile users to utilize multiple access domains synchronously and to switch between different access domains. In order to handle multi-access operations, MMA-IP defines a new special mobility agent, call...
A new scalable service discipline for real-time traffic: The framed-deadline scheduler
Schmidt, Şenan Ece (Elsevier BV, 2007-03-26)
Qulaity of Service (Qos) support in a scalable and low-complexity fashion is important in high-speed networks carrying real-time traffic. There are service disciplines that can provide end-to-end bandwidth and delay guarantees. However, they are designed to operate with expensive output quenching switches or with combined input-output queuing (CIOQ) switches that require very complicated fabric work with a CIOQ packet switch to provide the same end-to-end QoS guarantees as service disciplines that only work...
Optimal number of routing paths in multi-path routing to minimize energy consumption in wireless sensor networks
İncebacak, Davut; Tavlı, Bulent; Bıcakçı, Kemal; Altın-Kayhan, Ayşegül (Springer Science and Business Media LLC, 2013-10-30)
In wireless sensor networks, multi-path routing is proposed for energy balancing which prolongs the network lifetime as compared to single-path routing where utilization of a single route between a source node and the base station results in imbalanced energy dissipation. While it is evident that increasing the number of routing paths mitigates the problem of energy over-utilization in a subset of nodes acting as relays, the net effect of the proliferation of multiple routing paths on energy balancing remai...
A new approach for the scalable intrusion detection in high-speed networks
Şahin, Ümit Burak; Schmidt, Şenan Ece; Department of Electrical and Electronics Engineering (2007)
As the networks become faster and faster, the emerging requirement is to improve the performance of the Intrusion Detection and Prevention Systems (IDPS) to keep up with the increased network throughput. In high speed networks, it is very difficult for the IDPS to process all the packets. Since the throughput of IDPS is not improved as fast as the throughput of the switches and routers, it is necessary to develop new detection techniques other than traditional techniques. In this thesis we propose a rule-ba...
Citation Formats
M. Atakan, “Improving performance of network intrusion detection systems through concurrent mechanisms,” M.S. - Master of Science, Middle East Technical University, 2003.