Comparison of pattern matching algorithm for enhancing snort performance
Nowadays, intrusion detection system has become widely used as a network perimeter security. The used of IDS to deter the massively sophisticated attacks in most of our industries, governmental organization and educational institutions .However ,Intrusion detection system can be either host-based or...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2013
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/33103/5/AbuBakarAbdulQadirMFSKSM2013.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.33103 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.331032017-07-24T05:01:51Z Comparison of pattern matching algorithm for enhancing snort performance 2013-01 Abdulkadir, Abubakar TK Electrical engineering. Electronics Nuclear engineering Nowadays, intrusion detection system has become widely used as a network perimeter security. The used of IDS to deter the massively sophisticated attacks in most of our industries, governmental organization and educational institutions .However ,Intrusion detection system can be either host-based or network based intrusion detection system, in a host-base intrusion it monitors the host where its configured while the network-based IDS it monitors both inbound and outbound traffic network. In addition, signature based or anomaly based detection techniques are used to detect anomalous packets or attack in both network and host-based intrusion detection systems. Therefore, the challenges faced by most of the signature based detection systems e.g. snort tool is inability to detect malicious traffic at higher traffic network, which resulted in a packet drooping and subjected the network where this signature based system is configured as a network perimeter security. The challenges resulted as a result of inefficiency of the pattern matching algorithms to efficiently perform pattern matching. In addition, this research work aim to compare the current modified Boyer Moore pattern matching algorithm used by the snort IDS with the Native pattern matching algorithm in order to evaluate their performance and recommend for the implementation of the new pattern matching algorithm that will enhance snort detection performance. 2013-01 Thesis http://eprints.utm.my/id/eprint/33103/ http://eprints.utm.my/id/eprint/33103/5/AbuBakarAbdulQadirMFSKSM2013.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:69877?site_name=Restricted Repository masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information System Faculty of Computer Science and Information System |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
TK Electrical engineering Electronics Nuclear engineering |
| spellingShingle |
TK Electrical engineering Electronics Nuclear engineering Abdulkadir, Abubakar Comparison of pattern matching algorithm for enhancing snort performance |
| description |
Nowadays, intrusion detection system has become widely used as a network perimeter security. The used of IDS to deter the massively sophisticated attacks in most of our industries, governmental organization and educational institutions .However ,Intrusion detection system can be either host-based or network based intrusion detection system, in a host-base intrusion it monitors the host where its configured while the network-based IDS it monitors both inbound and outbound traffic network. In addition, signature based or anomaly based detection techniques are used to detect anomalous packets or attack in both network and host-based intrusion detection systems. Therefore, the challenges faced by most of the signature based detection systems e.g. snort tool is inability to detect malicious traffic at higher traffic network, which resulted in a packet drooping and subjected the network where this signature based system is configured as a network perimeter security. The challenges resulted as a result of inefficiency of the pattern matching algorithms to efficiently perform pattern matching. In addition, this research work aim to compare the current modified Boyer Moore pattern matching algorithm used by the snort IDS with the Native pattern matching algorithm in order to evaluate their performance and recommend for the implementation of the new pattern matching algorithm that will enhance snort detection performance. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Abdulkadir, Abubakar |
| author_facet |
Abdulkadir, Abubakar |
| author_sort |
Abdulkadir, Abubakar |
| title |
Comparison of pattern matching algorithm for enhancing snort performance |
| title_short |
Comparison of pattern matching algorithm for enhancing snort performance |
| title_full |
Comparison of pattern matching algorithm for enhancing snort performance |
| title_fullStr |
Comparison of pattern matching algorithm for enhancing snort performance |
| title_full_unstemmed |
Comparison of pattern matching algorithm for enhancing snort performance |
| title_sort |
comparison of pattern matching algorithm for enhancing snort performance |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Computer Science and Information System |
| granting_department |
Faculty of Computer Science and Information System |
| publishDate |
2013 |
| url |
http://eprints.utm.my/id/eprint/33103/5/AbuBakarAbdulQadirMFSKSM2013.pdf |
| _version_ |
1747816080103964672 |