Performance Analysis of Open Source IDPS in Virtual Computing Environment


Abstract

The technology of virtualization seemed promising for allocating hardware and software resources to organizations, but there were challenges related to its cost, security, and operation. Intrusion detection and prevention systems (IDPSs), which were network- and host-based security applications, had increasingly been deployed to benefit from the services of virtualization but at the same time experienced performance problems because of the shared resources in a virtualized environment. The specific problem addressed in this research study was the decreased performance of virtualized open source IDPSs in virtual computing environments compared to their corresponding physical environments. The purpose of this quantitative experimental study was to evaluate the performance of virtualized open source IDPSs in virtual computing environments compared to their corresponding physical environments. The proposed research design and method in this study allowed for categorization of the variables of physical and virtual environments into the independent variables, and the variables of IDPSs' computing and network resources into the dependent variables, which were measured and evaluated using statistical tests. The experiment was conducted under controlled conditions using a test system consisting of open source IDPSs, hypervisors, network traffic, and monitoring tools in both the physical and virtual environments. The results of the Mann-Whitney test indicated that the combined CPU utilization of all three IDPSs in virtual environments (Mdn = .69) differed significantly from physical environments (Mdn = .63), U = 972.00, z = −3.70, p < .001, r = −.35. In addition, the results of the t-test indicated that the combined disk write utilization of all three IDPSs in virtual environments (M = 2.31, SE = 0.02) differed significantly from physical environments (M = 2.23, SE = 0.02), t(104) = −2.69, p < .05, r = .25.
The overall result was that disk write was the only variable among the four variables tested that provided strong evidence for the study problem. A recommendation of this study was that manipulating the variables of CPU and disk write while addressing some of the limitations posed in this study might provide a different perspective on the performance evaluation of IDPSs in physical and virtual environments.

Publication
ProQuest