CFP last date
22 April 2024
Reseach Article

Analysis of Snort Rules to Prevent Synflood Attacks on Network Security

by Karmadenur, Raka Yusuf
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 178 - Number 40
Year of Publication: 2019
Authors: Karmadenur, Raka Yusuf
10.5120/ijca2019919283

Karmadenur, Raka Yusuf . Analysis of Snort Rules to Prevent Synflood Attacks on Network Security. International Journal of Computer Applications. 178, 40 ( Aug 2019), 14-19. DOI=10.5120/ijca2019919283

@article{ 10.5120/ijca2019919283,
author = { Karmadenur, Raka Yusuf },
title = { Analysis of Snort Rules to Prevent Synflood Attacks on Network Security },
journal = { International Journal of Computer Applications },
issue_date = { Aug 2019 },
volume = { 178 },
number = { 40 },
month = { Aug },
year = { 2019 },
issn = { 0975-8887 },
pages = { 14-19 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume178/number40/30800-2019919283/ },
doi = { 10.5120/ijca2019919283 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:52:41.561622+05:30
%A Karmadenur
%A Raka Yusuf
%T Analysis of Snort Rules to Prevent Synflood Attacks on Network Security
%J International Journal of Computer Applications
%@ 0975-8887
%V 178
%N 40
%P 14-19
%D 2019
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Snort rules are a form of the database whose attack pattern is applied to a Snort server to filter out the types of attacks, so that the type of attack detected can be isolated, the Snort rule database must be updated so that if there are new types of attack patterns it can be found by Snort rules. This analysis will provide input to update regularly so that if a new type of attack is detected and can be detected. Snort rules to prevent SYN Flood attacks, the type of denial of service that has been formulated using loopholes when connecting to TCP / IP is done. In network security analysis it is very important to formulate an attack pattern that will attack the network so that it can be overcome by Snort rules. Maintaining a secure network from interference can be overcome by Snort rules. Analysis of Snort's rules is to prevent SYN Flood attacks on network security and makes it easier for administrators to report the types of attacks that enter Snort rules and make it easier to make policies improve based on the logs in Snort rules.

References
  1. T. Ubale and A. K. Jain, “SRL : An TCP SYNFLOOD DDoS Mitigation Approach in Software-Defined Networks,” 2018 Second Int. Conf. Electron. Commun. Aerosp. Technol., no. Iceca, pp. 956–962, 2018.
  2. N. Jongsawat and J. Decharoenchitpong, “Creating behavior-based rules for snort based on Bayesian network learning algorithms,” Proc. 2015 Int. Conf. Sci. Technol. TICST 2015, pp. 267–270, 2015.
  3. R. T. Gaddam and M. Nandhini, “An analysis of various snort based techniques to detect and prevent intrusions in networks,” Proc. Int. Conf. Inven. Commun. Comput. Technol. ICICCT 2017, no. Icicct, pp. 10–15, 2017.
  4. C. Turner and A. Joseph, “A Statistical and Cluster Analysis Exploratory Study of Snort Rules,” Procedia Comput. Sci., vol. 114, pp. 106–115, 2017.
  5. S. Hameed and H. A. Khan, “Leveraging SDN for collaborative DDoS mitigation,” 2017 Int. Conf. Networked Syst. NetSys 2017, no. March, 2017.
  6. A. Motivaciones, “Security for WI SP through Mikrotik equ uipment krotik ),” 2015 Chil. Conf. Electr. Electron. Eng. Inf. Commun. Technol., pp. 229–233, 2015.
  7. R. F. Olanrewaju, B. U. Islam Khan, A. R. Najeeb, K. N. A. Ku Zahir, and S. Hussain, “Snort-based Smart and Swift Intrusion Detection System,” Indian J. Sci. Technol., vol. 11, no. 4, pp. 1–9, 2018.
  8. D. Ibdah, M. Kanani, N. Lachtar, N. Allan, and B. Al-Duwairi, “On the security of SDN-enabled smartgrid systems,” 2017 Int. Conf. Electr. Comput. Technol. Appl. ICECTA 2017, vol. 2018-Janua, pp. 1–5, 2018.
  9. P. Singh, S. Behal, and K. Kumar, “Performance enhancement of a Malware Detection System using score based prioritization of snort rules,” Proc. 2015 Int. Conf. Green Comput. Internet Things, ICGCIoT 2015, pp. 1150–1155, 2016.
  10. C. Networks, S. K. Patel, and A. Sonker, “Internet Protocol Identification Number based Ideal Stealth Port Scan Detection using Snort,” 2016.
  11. Y. Yin, Y. Wang, and N. Takahashi, “Set-based calculation of topological relations between snort rules,” Proc. - 2014 2nd Int. Symp. Comput. Networking, CANDAR 2014, pp. 617–619, 2014.
  12. M. Sadikin, R. Yusuf, and A. R. Dwiyanto, “Load Balancing Clustering on Moodle LMS to Overcome Performance Issue of e-Learning System,” TELKOMNIKA (Telecommunication Comput. Electron. Control., vol. 17, no. 1, pp. 281–289, 2019.
  13. F. I. Shiri, B. Shanmugam, and N. B. Idris, “A parallel technique for improving the performance of signature-based network intrusion detection system,” A Parallel Tech. Improv. Perform. Signature-Based Netw. Intrusion Detect. Syst., pp. 692–696, 2011.
  14. I. Nurhaida and Ngadiyono, “Quality of Service for Traffic Monitoring System based on Static Routing using EoIP Tunnel over IPSec,” no. 1, pp. 91–99, 2019.
  15. S. S. Bhunia and M. Gurusamy, “Dynamic Attack Detection and Mitigation in IoT using SDN,” 2017.
  16. A. Masys, “Networks and network analysis for defence and security,” pp. 1479–1480, 2014.
  17. N. Khamphakdee, N. Benjamas, and S. Saiyod, “Improving intrusion detection system based on Snort rules for network probe attack detection,” 2014 2nd Int. Conf. Inf. Commun. Technol. ICoICT 2014, pp. 69–74, 2014.
  18. N. Suteva, A. Mileva, and M. Loleski, “Computer Forensic Analisys of Some Web Attacks,” pp. 42–47, 2014.
  19. A. Garg, “Performance Analysis of Snort-based Intrusion Detection System,” pp. 0–4, 2016.
  20. I. Coonjah and P. C. Catherine, “Performance Evaluation and Analysis of Layer 3 Tunneling between OpenSSH and OpenVPN in a Wide Area Network Environment,” pp. 1–4, 2015.
Index Terms

Computer Science
Information Sciences

Keywords

Snort Rules SYN Flood attack Option Rules DDoS