Research Article

Design of a Hybrid Intrusion Detection System using Snort and Hadoop

by Prathibha P. G, Dileesh E. D
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 73 - Number 10
Year of Publication: 2013
DOI: 10.5120/12775-9226

Prathibha P. G, Dileesh E. D. Design of a Hybrid Intrusion Detection System using Snort and Hadoop. International Journal of Computer Applications 73, 10 (July 2013), 5-10. DOI=10.5120/12775-9226

@article{ 10.5120/12775-9226,
author = { Prathibha P. G, Dileesh E. D },
title = { Design of a Hybrid Intrusion Detection System using Snort and Hadoop },
journal = { International Journal of Computer Applications },
issue_date = { July 2013 },
volume = { 73 },
number = { 10 },
month = { July },
year = { 2013 },
issn = { 0975-8887 },
pages = { 5-10 },
numpages = {6},
url = { https://ijcaonline.org/archives/volume73/number10/12775-9226/ },
doi = { 10.5120/12775-9226 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%A Prathibha P. G
%A Dileesh E. D
%T Design of a Hybrid Intrusion Detection System using Snort and Hadoop
%J International Journal of Computer Applications
%@ 0975-8887
%V 73
%N 10
%P 5-10
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Security is a central concern in any networked environment. An attack can be launched from any node, and every such attack should be identified so that action can be taken before it causes further damage. An intrusion detection system (IDS) identifies attacks at an early stage and raises alarms; it should be able to recognize almost any kind of attack, whether newly launched or already known. This work builds on the Snort IDS. The packets captured by Snort are analyzed with Hadoop, a distributed computing framework used for big data analysis, and Hive, a data warehouse system built on Hadoop, is provided for more user-friendly analysis. For source IP addresses that generate a large number of packets, Snort rules are generated so that when the number of packets from a particular source exceeds a threshold, the node alerts the other nodes, since this indicates a possible attack.
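The closing step of the abstract, counting packets per source over the captured traffic and turning heavy sources into Snort rules, can be sketched end to end. The Python below is an added example written for this page, not the authors' code: it runs a map and a reduce step in-process over a constructed tab-separated packet log (an assumed layout standing in for whatever table the Snort logs are loaded into, not Snort's native output), validates the IP fields before they are embedded in a rule, and emits one Snort rule per offending source using `detection_filter` so the sensor itself alerts the next time the count is exceeded. The threshold, the 60-second window and the starting sid are assumptions.

```python
"""Threshold rule generation for a Snort-plus-Hadoop IDS (added example).

Illustrative code written for this page, not the paper's system. It mimics
the pipeline in miniature: a map phase emits (src_ip, 1) per logged packet,
a reduce phase sums the counts (what a Hadoop job or a Hive GROUP BY does at
scale), and sources at or above a threshold get a Snort rule with a
detection_filter so the sensor enforces the threshold on live traffic.
The tab-separated record layout is an assumption, not Snort's own format.
"""
import ipaddress
from collections import defaultdict
from typing import Dict, Iterable, Iterator, List, Tuple

Record = Tuple[str, ...]

# Constructed sample records: timestamp, src_ip, src_port, dst_ip, dst_port, proto.
# 192.0.2.10 sends ten packets, 192.0.2.20 two, 203.0.113.7 one; the last two
# rows are deliberately malformed to exercise the input validation.
SAMPLE_LOG = "\n".join(
    [f"01/15-10:23:{i:02d}.000000\t192.0.2.10\t{51000 + i}\t198.51.100.5\t80\tTCP"
     for i in range(10)]
    + ["01/15-10:24:00.000000\t192.0.2.20\t40001\t198.51.100.5\t443\tTCP",
       "01/15-10:24:01.000000\t192.0.2.20\t40002\t198.51.100.5\t443\tTCP",
       "01/15-10:24:02.000000\t203.0.113.7\t5353\t198.51.100.9\t53\tUDP",
       "01/15-10:24:03.000000\t192.0.2.99\t1\tbroken",                     # too few fields
       "01/15-10:24:04.000000\tnot-an-ip; sid:1;\t1\t198.51.100.5\t80\tTCP"]  # bad IP field
)


def parse_records(text: str) -> Iterator[Record]:
    """Yield well-formed rows; drop malformed ones the way a mapper would,
    rather than failing the whole job. Both IP fields must parse as literal
    addresses so that a corrupted row can never smuggle text into a rule."""
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) != 6:
            continue
        try:
            ipaddress.ip_address(fields[1])
            ipaddress.ip_address(fields[3])
        except ValueError:
            continue
        yield tuple(fields)


def map_phase(records: Iterable[Record]) -> Iterator[Tuple[str, int]]:
    """Mapper: one (source_ip, 1) pair per packet."""
    for rec in records:
        yield rec[1], 1


def reduce_phase(pairs: Iterable[Tuple[str, int]]) -> Dict[str, int]:
    """Reducer: sum the counts per source address."""
    counts: Dict[str, int] = defaultdict(int)
    for key, n in pairs:
        counts[key] += n
    return dict(counts)


def packets_per_source(log_text: str) -> Dict[str, int]:
    return reduce_phase(map_phase(parse_records(log_text)))


def snort_rule(src_ip: str, count: int, seconds: int, sid: int) -> str:
    """One Snort rule that fires once `src_ip` sends more than `count` packets
    within `seconds`; detection_filter with track by_src keeps the counter per
    source on the sensor itself."""
    ipaddress.ip_address(src_ip)  # refuse to embed anything but a literal IP
    return (
        f'alert ip {src_ip} any -> $HOME_NET any ('
        f'msg:"Possible packet flood from {src_ip}"; '
        f'detection_filter: track by_src, count {count}, seconds {seconds}; '
        f'sid:{sid}; rev:1;)'
    )


def generate_rules(counts: Dict[str, int], threshold: int,
                   window_seconds: int = 60, base_sid: int = 1000001) -> List[str]:
    """Emit one rule per source whose observed count reached the threshold.
    Local rules use sids from 1000000 upwards so they do not collide with
    the distributed Snort rule sets."""
    rules: List[str] = []
    sid = base_sid
    for src_ip in sorted(counts):
        if counts[src_ip] >= threshold:
            rules.append(snort_rule(src_ip, threshold, window_seconds, sid))
            sid += 1
    return rules


if __name__ == "__main__":
    totals = packets_per_source(SAMPLE_LOG)
    for ip, n in sorted(totals.items(), key=lambda kv: -kv[1]):
        print(f"{ip:<16} {n}")
    print()
    print("\n".join(generate_rules(totals, threshold=5)))
```

Run it to see the per-source totals and the single rule generated for 192.0.2.10. At scale the mapper and reducer become a Hadoop job or a Hive query of the form `SELECT src_ip, COUNT(*) FROM packets GROUP BY src_ip HAVING COUNT(*) >= N`, and the rules file is what the node pushes to its peers. The `ip_address` checks are the practical safeguard: rule text is built by string formatting, so anything that is not a literal address must be rejected before it reaches a rules file that other sensors will load.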

References
  1. W. Chen, W. Kuo and Y. Wang, Building IDS Log Analysis System on Novel Grid Computing Architecture, National Center for High-Performance Computing, Taiwan, 2009.
  2. Y. Lee, W. Kang and Y. Lee, A Hadoop-based Packet Trace Processing Tool, Proceedings of the Third International Workshop on Traffic Monitoring and Analysis, 2011, pp. 51-63.
  3. Y. Lee, W. Kang and H. Son, An Internet Traffic Analysis Method with MapReduce, IEEE/IFIP Network Operations and Management Symposium Workshops, 2010, pp. 357-361.
  4. X. Fang, Integrating Artificial Intelligence into Snort IDS, Proceedings of the 3rd International Workshop on Intelligent Systems and Applications, May 2011, pp. 1-4.
  5. B. E. Lavender, Implementation of Genetic Algorithm into a Network Intrusion Detection System (netGA) and Integrating to nProbe, Thesis.
  6. J. Gomez, C. Gil, N. Padilla, R. Banos and C. Jimenez, Design of a Snort-Based Hybrid Intrusion Detection System, Proceedings of the 10th International Work-Conference on Artificial Neural Networks, 2009, pp. 515-522.
  7. M. Roesch, Snort: Lightweight Intrusion Detection for Networks, Proceedings of LISA '99: 13th Systems Administration Conference, 1999, pp. 230-238.
  8. T. White, Hadoop: The Definitive Guide, O'Reilly.
  9. A. Thusoo et al., Hive: A Petabyte Scale Data Warehouse Using Hadoop, Proceedings of the ICDE Conference, 2010, pp. 996-1004.
Index Terms

Computer Science
Information Sciences

Keywords

Hadoop, Hive, MapReduce, Snort rules