A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik

Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the proce...

Bibliographic Details
Main Author: Nik Abdul Malik, Nik Mariza
Format: Thesis
Language: English
Published: 2004
Subjects:
Online Access: http://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf
http://ir.uitm.edu.my/id/eprint/27200/
2004-02 Thesis NonPeerReviewed text en http://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf Nik Abdul Malik, Nik Mariza (2004) A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik. Masters thesis, Universiti Teknologi MARA.
institution Universiti Teknologi Mara
building Tun Abdul Razak Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Mara
content_source UiTM Institutional Repository
url_provider http://ir.uitm.edu.my/
language English
topic Electronic Computers. Computer Science
Expert systems (Computer science). Fuzzy expert systems
description Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the process of monitoring intrusion events that occur in a computer system or network, and analyze them for signs of intrusions. Today, the number of IDS has increased rapidly. Most IDS are signature based, which means that they make use of a certain pattern of a packet to identify intrusion in the network traffic. This pattern of a packet is also known as 'signature'. This signature needs to be up-to-date to ensure that the IDS is working properly and able to identify the pattern of interest. The task of updating signature can either be done by network administrator or using the default installation installed by the IDS vendor. Therefore, the objective of this research is to simulate the actual process involved in identifying a signature to write a rule. It uses a signature based IDS named Snort that is capable of detecting an intrusion using a signature, which is embedded in its rule sets. This research is done in a controlled laboratory environment, which consists of small Local Area Network (LAN). As a result of this research, seven steps have been identified in the process of identifying the signature of a packet to write a rule. This rule is used to detect the abnormal packet, which is a possible intrusion packet for the respective implemented network environment.