A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik

Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the proce...

Full description

Bibliographic Details
Main Author: Nik Abdul Malik, Nik Mariza
Format: Thesis
Language:English
Published: 2004
Subjects:
Online Access:http://ir.uitm.edu.my/id/eprint/27200/
http://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf
id uitm-27200
recordtype eprints
spelling uitm-272002020-01-13T04:03:34Z http://ir.uitm.edu.my/id/eprint/27200/ A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik Nik Abdul Malik, Nik Mariza Electronic computers. Computer science Expert systems (Computer science). Fuzzy expert systems Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the process of monitoring intrusion events that occur in a computer system or network, and analyze them for signs of intrusions. Today, the number of IDS has increased rapidly. Most IDS are signature based, which means that they make use of a certain pattern of a packet to identify intrusion in the network traffic. This pattern of a packet is also known as ' signature' . This signature needs to be up-to-date to ensure that the IDS is working properly and able to identify the pattern of interest. The task of updating signature can either be done by network administrator or using the default installation installed by the IDS vendor. Therefore, the objective of this research is to simulate the actual process involved in identifying a signature to write a rule. It uses a signature based IDS named Snort that is capable of detecting an intrusion using a signature, which is embedded in its rule sets. This research is done in a controlled laboratory environment, which consists of small Local Area Network (LAN). As a result of this research, seven steps have been identified in the process of identifying the signature of a packet to write a rule. This rule is used to detect the abnormal packet, which is a possible intrusion packet for the respective implemented network environment. 2004-02 Thesis NonPeerReviewed text en http://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf Nik Abdul Malik, Nik Mariza (2004) A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik. Masters thesis, Universiti Teknologi MARA.
repository_type Digital Repository
institution_category Local University
institution Universiti Teknologi MARA
building UiTM Institutional Repository
collection Online Access
language English
topic Electronic computers. Computer science
Expert systems (Computer science). Fuzzy expert systems
spellingShingle Electronic computers. Computer science
Expert systems (Computer science). Fuzzy expert systems
Nik Abdul Malik, Nik Mariza
A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
description Intrusion detection has become the main issue to consider by any organization transporting sensitive and confidential information over the network. This is because those organizations are exposed to intruders. Intrusion Detection Systems (IDS) are software or hardware systems that automate the process of monitoring intrusion events that occur in a computer system or network, and analyze them for signs of intrusions. Today, the number of IDS has increased rapidly. Most IDS are signature based, which means that they make use of a certain pattern of a packet to identify intrusion in the network traffic. This pattern of a packet is also known as ' signature' . This signature needs to be up-to-date to ensure that the IDS is working properly and able to identify the pattern of interest. The task of updating signature can either be done by network administrator or using the default installation installed by the IDS vendor. Therefore, the objective of this research is to simulate the actual process involved in identifying a signature to write a rule. It uses a signature based IDS named Snort that is capable of detecting an intrusion using a signature, which is embedded in its rule sets. This research is done in a controlled laboratory environment, which consists of small Local Area Network (LAN). As a result of this research, seven steps have been identified in the process of identifying the signature of a packet to write a rule. This rule is used to detect the abnormal packet, which is a possible intrusion packet for the respective implemented network environment.
format Thesis
author Nik Abdul Malik, Nik Mariza
author_facet Nik Abdul Malik, Nik Mariza
author_sort Nik Abdul Malik, Nik Mariza
title A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
title_short A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
title_full A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
title_fullStr A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
title_full_unstemmed A signature based intrusion detection system (IDS) : using snort / Nik Mariza Nik Abdul Malik
title_sort signature based intrusion detection system (ids) : using snort / nik mariza nik abdul malik
publishDate 2004
url http://ir.uitm.edu.my/id/eprint/27200/
http://ir.uitm.edu.my/id/eprint/27200/1/TM_NIK%20MARIZA%20NIK%20ABDUL%20MALIK%20CS%2004_5.pdf
first_indexed 2023-09-18T23:17:59Z
last_indexed 2023-09-18T23:17:59Z
_version_ 1777419240923463680