Implementation Of Intrusion Detection System Using Snort
Intrusion Detection System (IDS) is a vital network security tool for protecting the network systems that consists of software and hardware to monitor all the inbound and outbound network and system activities for malicious activities in the network traffic. The purpose of IDS is to assists the netw...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
Faculty Of Information And Communication Technology, UTeM
2019
|
| Online Access: | http://eprints.utem.edu.my/id/eprint/24284/2/2.3.2.2-IDS-JACTA.PDF http://eprints.utem.edu.my/id/eprint/24284/ https://jacta.utem.edu.my/jacta/article/view/5178/3645 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Intrusion Detection System (IDS) is a vital network security tool for protecting the network systems that consists of software and hardware to monitor all the inbound and outbound network and system activities for malicious activities in the network traffic. The purpose of IDS is to assists the network administrator or the system by sending alerts and notifications when there are possible
incidents, which violations of computer security policies exist.
However, IDS causes a false alarm when attacker perform
modifications at the rules settings. Therefore, this study performs
experiment to detect anomaly incident and intruder in the network
system. The implementation on snort development is provided and
testing is executed in order to prove that snort capable to detect intruder. The findings showed that anomaly user can be detected based on port scanning, telnet to port to detect the unusual traffic and monitoring using NMAP to identify abnormal activities. As a result, the impact of Snort could bring an alternative solution on network monitoring in terms of continuous detection on unusual traffic movements, cost effective since Snort is an open source product and it can be customized to suit with the network environment |
|---|