Overview
Explore the performance of Intrusion Detection Systems (IDS) in constrained environments through this 46-minute conference talk by Shelton Wright from the University of Alabama Huntsville's Center for Cybersecurity Research and Education. Delve into host-based and network-based IDS, focusing on the Pitbull system and its modules. Examine data gathering techniques, test environments, and virtual machine configurations. Analyze test results, including denial of service scenarios, alerts, and Apache circuit alerts. Investigate the impact on hardware resources, such as disk usage, CPU usage, and packet drops. Gain valuable insights into IDS performance optimization for resource-limited settings.
Syllabus
Introduction
Host-based IDS
Network-based IDS
Goals
Overview
Pitbull
Pitbull Modules
Gathering Data
Test Environment
Virtual Environments
Virtual Machine Configuration
Results
Test Rules
Test Rules Results
Denial of Service
Alerts
Investigating
Apache Bench Test
Apache Circuit Alerts
Disk Usage
Hardware
Number of Alerts
CPU Usage
Packet Drops
Summary
Conclusion
Questions
Taught by
CAE in Cybersecurity Community