
Characterizing Strengths of Snort-based IDPS

Author Affiliations

  • ¹Shaheed Zulfikar Ali Bhutto Institute of Science and Technology (SZABIST), Islamabad, PAKISTAN

Res. J. Recent Sci., Volume 3, Issue (4), Pages 88-94, April,2 (2014)

Abstract

The Internet has revolutionized computer networks, and the last decade witnessed tremendous expansion in its usage. It provides remarkable opportunities and growth potential for all types of organizations, academia and businesses. Network security is vital for any organization connected to the Internet. Foolproof network security is a key challenge, which can be addressed by hardening the network against threats such as hackers, malware, botnets and data thieves. Firewalls, antivirus software and intrusion detection systems are used to protect the network. A firewall can control network traffic, but sole dependence on this type of security measure is not enough: attackers use open ports, such as web server (HTTP) port 80 and POP server port 110, to infiltrate networks. An intrusion detection system (IDS) minimizes security gaps and strengthens the security of a network by analyzing network packets to sift out malicious ones. Snort is renowned as a leader in IDS technology. Snort uses both misuse-based and anomaly-based techniques for capturing malevolent packets. The addition of prevention support to an IDS is a step forward, as it can help block malicious packets. Real-time detection with prevention by Intrusion Detection and Prevention Systems (IDPS) has taken the security of a network to an advanced level by hardening the network against malicious activity. The objective of this paper is to review the contemporary literature and to provide a critical evaluation of various intrusion detection and prevention techniques. We analyze and identify the strengths and limitations of the techniques used in Snort-based IDPS systems. This paper also highlights the usefulness of IDPS in a network security environment.
