Design of a Snort-Based Hybrid Intrusion Detection System
نویسندگان
چکیده
Computer security has become a major problem in our society. In particular, computer network security is concerned with preventing the intrusion of an unauthorized person into a network of computers. An intrusion detection system (IDS) is a tool to monitor the network traffic and users’ activity with the aim of distinguishing between hostile and non-hostile traffic. Snort is an IDS available under GPL, which allows pattern search. This paper presents a new anomaly pre-processor that extends the functionality of Snort IDS, making it a hybrid IDS.
منابع مشابه
Improvement and parallelization of Snort network intrusion detection mechanism using graphics processing unit
Nowadays, Network Intrusion Detection Systems (NIDS) are widely used to provide full security on computer networks. IDS are categorized into two primary types, including signature-based systems and anomaly-based systems. The former is more commonly used than the latter due to its lower error rate. The core of a signature-based IDS is the pattern matching. This process is inherently a computatio...
متن کاملHybrid Intrusion Detection with Weighted Signature Generation
An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system IDS. Since IDS only works by matching the incoming transaction record with its predefined attack patterns stored in the database, it is necessary to develop a system whi...
متن کاملA Hybrid Snort-Negative Selection Network Intrusion Detection Technique
Network Intrusion Detection Systems (NIDSs) are systems that monitor computer networks to detect, identify and prevent the malicious events, which attempt to compromise the integrity, confidentiality or availability of computer networks. The NIDS may be classified according to the detection technique into two types, the "Signature-Based" and "Anomaly-Based" NIDS. In order to increase the effici...
متن کاملA hybrid intrusion detection system design for computer network security
Intrusions detection systems (IDSs) are systems that try to detect attacks as they occur or after the attacks took place. IDSs collect network traffic information from some point on the network or computer system and then use this information to secure the network. Intrusion detection systems can be misuse-detection or anomaly detection based. Misuse-detection based IDSs can only detect known a...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کامل