This project focuses on the possibility of using a Raspberry Pi as an intrusion detection system in a home environment to increase network security. The focus of this study was on how well two different generations of Raspberry Pi would be able to handle network traffic while acting as an intrusion detection system.
To examine this a testing environment was set up containing two workstation computers connected to a Raspberry Pi, each computer hosting a virtual machine. Tests measuring the network throughput as well as the CPU and memory usage were performed on each of the Raspberry Pi devices. Two models of Raspberry Pis were used; Raspberry Pi model B+ and Raspberry Pi 2 model B; each of them running the operating system Arch Linux ARM.
The results of these tests were that both of the Raspberry Pis could be used as an intrusion detection system but has some limitations that could impede usage depending on the requirements of the user. Raspberry Pi 2 model B show benefits of its updated hardware by suffering lower throughput degradation than Raspberry Pi model B+, while using less of it’s total CPU and memory capacity.
Source: Linnaeus University
Authors: Aspernäs, Andreas | Simonsson, Thommy