Method of Self-Similar Load Balancing in Network Intrusion Detection System
share
In this paper, the problem of load balancing in network intrusion detection system is considered. Load balancing method based on work of several components of network intrusion detection system and on the analysis of multifractal properties of incoming traffic is proposed. The proposed method takes into account a degree of multifractality for calculation of deep packet inspection time, on the basis of which the time necessary for comparing the packet with the signatures is calculated. Load balancing rules are generated using the estimated average deep packet inspection time and the multifractality parameters of incoming load. Comparative analysis of the proposed load balancing method with the standard one showed that the proposed method improves the quality of service parameters and the percentage of packets that are not analyzed.
READ FULL TEXT