抄録
In this paper, we propose the best traffic control mechanism for network-based intrusion prevention system. We performed a test for it in Linux-based system. We considered various queueing algorithm as a traffic controller such as Class Based Queueing (CBQ), Stochastic Fairness Queueing (SFQ), Token Bucket Filter (TBF), Hierarchical Token Bucket (HTB) algorithm. Among the representative five kinds of queueing algorithms, TBF is the best performance in throughput and latency aspects. And we suggest CBQ and HTB are remarkable ones as the good traffic controller in our network-based intrusion prevention system.
