The Implementation and Assessment of Snort Capabilities

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2017
Authors:
Aaruni Goel, Ashok Vasishtha
10.5120/ijca2017914525

Aaruni Goel and Ashok Vasishtha. The Implementation and Assessment of Snort Capabilities. International Journal of Computer Applications 167(13):15-23, June 2017.

@article{10.5120/ijca2017914525,
	author = {Aaruni Goel and Ashok Vasishtha},
	title = {The Implementation and Assessment of Snort Capabilities},
	journal = {International Journal of Computer Applications},
	issue_date = {June 2017},
	volume = {167},
	number = {13},
	month = {Jun},
	year = {2017},
	issn = {0975-8887},
	pages = {15-23},
	numpages = {9},
	url = {http://www.ijcaonline.org/archives/volume167/number13/27830-2017914525},
	doi = {10.5120/ijca2017914525},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Attacks on computer networks are nothing new. In general, apart from financial institutions and military or intelligence organizations, nobody pays much attention to them. In recent times, however, it has been observed that their effects reach much further than that assumption suggests. Suppose an attacker blocks access to a particular seller’s website at peak times: that seller’s customers may then choose another seller’s website, which can result in a tremendous loss for their regular seller. Likewise, there are many instances where the impact of network attacks has been observed on everyone from top-level organizations to common people. Snort has emerged as a powerful solution for organizations that cannot spend much on purchasing a licensed intrusion detection and prevention system, as Snort is freeware. This paper aims to popularize techniques that can help everybody identify and prevent these attacks. The medium discussed in this paper is Snort, an open source and powerful network intrusion detection and prevention tool.

Keywords

Snort, Libcap, swatch, sendmail, packet logging