Title :
String matching enhancement for snort IDS
Author :
Al-Mamory, Safaa O. ; Hamid, Ali ; Abdul-Razak, Asala ; Falah, Zainab
Author_Institution :
Coll. of Comput. Technol., Univ. of Babylon, Babylon, Iraq
fDate :
Nov. 30 2010-Dec. 2 2010
Abstract :
Intrusion Detection System (IDS) is a security technology that attempts to identify intrusions. Snort is an open source IDS which enables us to detect the previously known intrusions. However, Snort IDS has several problems one of them is the efficiency problem. We suggest using distributed environment in order to enhance it. We achieved this goal by enhancing the Snort´s string matching engine through using a LAN of computers, where each computer in the LAN matching a subset of the monitored attacks. The experimental results show that it is possible to improve Snort´s efficiency using distributed environment. In addition, Snort´s testability has been enhanced.
Keywords :
computer network security; local area networks; string matching; LAN; intrusion detection system; open source IDS; snort IDS; string matching enhancement; Algorithm design and analysis; Computers; Engines; Floods; Intrusion detection; Local area networks; Monitoring;
Conference_Titel :
Computer Sciences and Convergence Information Technology (ICCIT), 2010 5th International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-8567-3
Electronic_ISBN :
978-89-88678-30-5
DOI :
10.1109/ICCIT.2010.5711211
