Abstract:

Scope of the study to analyze the effect of intrusion detection systems on the computing
system(Boot time .RAM ,Cpu, Network bandwidth, and the speed of download and upload a
folder of (1Gb,100mb) from a server which is my personal laptop to a server host which is
the virtual machine using Ftp with a help of FileZilla program.
Microsoft Antivirus and Tinywall firewall were used in this study, and the test was
conducted using a virtual machine with windows 10 operating system on VirtualBox as a
virtual platform program.

Introduction:
Many people seek to speed up their computers in order to obtain the best performance and
complete tasks as quickly as possible, and at the same time everyone needs to secure the
operating system against viruses and electronic attacks, and the best way to do so is to use
protection and antivirus software, but is it possible That these things conflict with each other, in
other words, can antivirus programs affect computer performance and speed? In fact, this is
possible as any program or application running on the computer consumes part of the resources,
whether the processor, RAM, etc., but on the other hand, there are many other reasons that may
slow down the computer, as antivirus programs are not always the reason for this.

Antivirus programs need to work permanently in the background in order to protect the computer
from infection with viruses and malware from its various sources, whether through the Internet
or through external storage media and any other device connected to the computer, etc., and the
idea of antivirus programs depends on comparing existing data The operating system and various
programs have a very large database, which allows them to detect malware and viruses.
Of course, completing this process will consume a large amount of processing power, RAM, and
other device resources, but in return it will protect our device from infection with viruses.[1]

What is the virus?

A computer virus is an external program that was intentionally created with the purpose of
changing the properties of the files it infects to carry out some commands, either to remove,
modify, sabotage, and similar operations.
That is computer viruses are programs that are written by professional programmers for the
purpose of harming another computer, controlling it, or stealing important data, and it is written
in a specific way.
A computer virus is characterized as a program capable of replication and spread. The virus
attaches itself to another program called the host.
 Viruses cannot be created by themselves. It can be transmitted from an infected computer to a
healthy one.
A virus is a program designed to spread itself among files and to integrate or stick to programs,
When the infected program is run, it may infect the rest of the files with it on the hard or floppy
disk, so the virus needs intervention on the part of the user in order to spread.

What are antivirus software:

Antivirus software can be defined as software that detects malicious files that may infect a
computer and removes them automatically on the one hand, and on the other hand works as a
wall to protect accounts on the computer interface when connected to the Internet against
spyware and other malicious programs that may infect the device, and anti-virus software is one
of the surest ways that the user can rely on to detect any viruses that may have attacked his
device.
An antivirus program consists of two different parts:
- Direct operation upon entry:
This part works automatically when running programs or downloading files from the Internet,
which is known as the On Access element.
2- On-demand operation:
This part works when you ask it to, and it is specialized in detecting viruses and Trojan horses
(TORJAN) in hard disks, soft disks, and CDs, which is known as the Demand element.

An Intrusion Detection System (IDS):

is software specifically designed to monitor network traffic and detect irregularities, where
unexplained or unexplained network changes indicate malicious activity at any stage, be it the
beginning of an attack or a full-fledged hack. There are two main types of intrusion detection
systems (IDS).
IDS are Network Intrusion Detection System (NIDS) and Host Detection System (HIDS).[2]

What is a firewall:
It is a program that protects the computer while it is connected to the Internet from risks, where
the firewall examines all information and data received from the Internet, or from any other
network, and then allows it to pass and enter the computer, if it is compatible with Firewall
settings, or exclude and expel them from malicious programs (Malware), such as: viruses,
spyware, or if they are incompatible with the firewall settings.[3]
The impact of intrusion detection systems on Boot time:
Boot time tracer was used for this test as following:
a) before IDS:
– 49,515s boot-time (16s for Windows Boot, 33s for Desktop)
b) after Microsoft security=windows defender
– 51.156s boot-time (14s for Windows Boot, 37s for Desktop) --> increase by 103.31%
c) after Ms security & Tinywall:
– 60.640s boot-time (13s for Windows Boot, 47s for Desktop) --> increase 122.46%

The impact of intrusion detection systems on Cpu:

Task manager was used to check the cpu status as following
a) before IDS:
– 2-3 Mhz
b) after Microsoft security=windows defender
– 6-7 Mhz
c) after Ms security & Tinywall:
– 8 Mhz

The impact of intrusion detection systems on RAM:

Task manager was used to check the Ram status as following
 a) before IDS:
-- 2900 MB free
b) after IDS (Ms security ):
-- 2800 MB free (100 MB RAM used by Ms security) --> 3.4% reduction
c) after IDS (Ms security & Tinywall)
-- 2784 MB free (115.9 MB used by Ms security & Tinywall tiny wall use just 15.9mb) -->
3.99% reduction

The impact of intrusion detection systems on Internet Bandwidth :

Digi speed test was used for this test as following :
a) before IDS:
– 314mbps (dl),157.3mbps (upload)
b) after Microsoft security=windows defender
– 290.4mbps (dl),138.9mbps (upload)

c) after Ms security & Tinywall:

– 262.3mbps (dl),162.6mbps (upload)
The effect of intrusion detection systems on the download and upload speed of a folder
(1GB, 100MB):

a) before IDS:
– Download for 1gb :143.6 mib/s --- Upload: 55 mib/s
_ Download for 100mb :100 mib/s --- Upload: 66 mib/s
b) after Microsoft security=windows defender
– Download for 1gb :130 mib/s --- Upload: 46 mib/s reduction of (download/upload)
speed (9.4 – 16.3 %)
_ Download for 100mb : 97 mib/s --- Upload: 64 mib/s
reduction of (download/upload) speed (3 – 3.03 %)

c) after Ms security & Tinywall:

– Download for 1gb :120 mib/s --- Upload: 56 mib/s
reduction of download speed to16.43 %
and the upload speed has increased to 101%

_ Download for 100mb : 60 mib/s --- Upload: 56 mib/s

reduction of download speed to 60 %
and the upload speed almost the same.
Conclusion:
As we’ve seen before using protection and antivirus programs had increase the Boot time by 122.46%
and raised the Cpu usage from 28 which is completely normal because every time a scan
starts, the antivirus needs to compare the network drive against a huge list of malware signatures,
which naturally requires a decent amount of processing power in other hand the effect of intrusion
detection systems on the download and upload speed of a folder it increase by 16.43 % but the effect was
unnoticeable on the upload speed.

Here we can say that protection and antivirus programs may have a role in affecting the
performance of the computer and slowing it down, but given the very important benefits that
these programs offer you, you may not be able to do without them at all, and here you will need
to look at other reasons that may affect the performance The computer and its treatment first
before blaming the protection software.
Bibliography:
1. How antiviruses work CHRIS HOFFMAN AND NICK LEWIS, APR 15, 2022

https://www.howtogeek.com/125650/htg-explains-how-antivirus-software-works/

2. Type of antivirus scan .BYGAVIN PHILLIPS ,PUBLISHED MAY 2, 2018

https://www.makeuseof.com/tag/antivirus-scan-types/

3. 3.How does a firewall affect speed?

by Elizabeth Burns / in Computers & electronics

https://us.norton.com/blog/emerging-threats/what-is-firewall