Performance Evaluation In Real-Time Network Intrusion Detection System Using Snort
The growing numbers of Internet threats increasingly inspire the need of applying a defence in depth concepts to protect worldwide computer systems from being intruded for grabbing information. Crucially, the defence in depth includes multiple pieces of software and hardware working together to prov...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English English |
Published: |
2008
|
Subjects: | |
Online Access: | https://etd.uum.edu.my/540/1/Ausama_A._Majeed.pdf https://etd.uum.edu.my/540/2/Ausama_A._Majeed.pdf https://etd.uum.edu.my/540/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Utara Malaysia |
Language: | English English |
Summary: | The growing numbers of Internet threats increasingly inspire the need of applying a defence in depth concepts to protect worldwide computer systems from being intruded for grabbing information. Crucially, the defence in depth includes multiple pieces of software and hardware working together to provide the desired protection. Purposefully, one component of this approach is names as Network
Intrusion Detection System (NIDS) and its affiliation tool of the Snort IDS. However, to ensure that such an implementation is taking the row into reliable succession, the systems have to be examined to provide the decision makers with assurance about the way of reducing risks. Therefore, the criteria in achieving an effective NIDS, this system should not degrade overall network performance.
Fruitfully, some experiments are designed and implemented using the simulation test-bed methodology with the interference of the Snort which measured by end-to-end delay-time. Introducing this software through the engine is going to be highlighted and discussed as a method of Intrusion Detection Systems testing performance at a basic level in order to ensure unaffected network traffic.
Moreover, this will play a role to provide some information as if the IDS is efficiently capable to detect intrusions while maintaining network performance. |
---|