A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the proce...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2004
|
Subjects: | |
Online Access: | https://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-uitm-ir.27200 |
---|---|
record_format |
uketd_dc |
spelling |
my-uitm-ir.272002020-01-13T04:03:34Z A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik 2004-02 Nik Abdul Malik, Nik Mariza Electronic Computers. Computer Science Expert systems (Computer science). Fuzzy expert systems Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the process of monitoring intrusion events that occur in a computer system or network, and analyze them for signs of intrusions. Today, the number of IDS has increased rapidly. Most IDS are signature based, which means that they make use of a certain pattern of a packet to identify intrusion in the network traffic. This pattern of a packet is also known as ' signature' . This signature needs to be up-to-date to ensure that the IDS is working properly and able to identify the pattern of interest. The task of updating signature can either be done by network administrator or using the default installation installed by the IDS vendor. Therefore, the objective of this research is to simulate the actual process involved in identifying a signature to write a rule. It uses a signature based IDS named Snort that is capable of detecting an intrusion using a signature, which is embedded in its rule sets. This research is done in a controlled laboratory environment, which consists of small Local Area Network (LAN). As a result of this research, seven steps have been identified in the process of identifying the signature of a packet to write a rule. This rule is used to detect the abnormal packet, which is a possible intrusion packet for the respective implemented network environment. 2004-02 Thesis https://ir.uitm.edu.my/id/eprint/27200/ https://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf text en public masters Universiti Teknologi MARA Faculty of Computer Science and Mathematics |
institution |
Universiti Teknologi MARA |
collection |
UiTM Institutional Repository |
language |
English |
topic |
Electronic Computers Computer Science Electronic Computers Computer Science |
spellingShingle |
Electronic Computers Computer Science Electronic Computers Computer Science Nik Abdul Malik, Nik Mariza A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik |
description |
Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the process of monitoring intrusion events that occur in a computer system or network, and analyze them for signs of intrusions. Today, the number of IDS has increased rapidly. Most IDS are signature based, which means that they make use of a certain pattern of a packet to identify intrusion in the network traffic. This pattern of a packet is also known as ' signature' . This signature needs to be up-to-date to ensure that the IDS is working properly and able to identify the pattern of interest. The task of updating signature can either be done by network administrator or using the default installation installed by the IDS vendor. Therefore, the objective of this research is to simulate the actual process involved in identifying a signature to write a rule. It uses a signature based IDS named Snort that is capable of detecting an intrusion using a signature, which is embedded in its rule sets. This research is done in a controlled laboratory environment, which consists of small Local Area Network (LAN). As a result of this research, seven steps have been identified in the process of identifying the signature of a packet to write a rule. This rule is used to detect the abnormal packet, which is a possible intrusion packet for the respective implemented network environment. |
format |
Thesis |
qualification_level |
Master's degree |
author |
Nik Abdul Malik, Nik Mariza |
author_facet |
Nik Abdul Malik, Nik Mariza |
author_sort |
Nik Abdul Malik, Nik Mariza |
title |
A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik |
title_short |
A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik |
title_full |
A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik |
title_fullStr |
A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik |
title_full_unstemmed |
A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik |
title_sort |
signature based intrusion detection system (ids) : using snort / nik mariza nik abdul malik |
granting_institution |
Universiti Teknologi MARA |
granting_department |
Faculty of Computer Science and Mathematics |
publishDate |
2004 |
url |
https://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf |
_version_ |
1783733935410249728 |