Title :
Automatic SNORT IDS rule generation based on honeypot log
Author_Institution :
Cyber Security Research Centre, Faculty of Informatics & Electrical, Del Institute of Technology, Toba Samosir, Indonesia
Abstract :
The main objective of this research is to integrate honeypot and IDS, which can generate and activate snort rule automatically based on the data sending by honeypot server. The new technic is present in this paper, honeypot will collect the data, send the data to IDS, and then IDS will evaluate and generate the rules automatically. Rule that has been made will be active to filter packets sent by the user on the network. We compare rule generated automatically with default rule in snort system for the same pattern. The performance of the proposed technique was evaluated by measuring the effectiveness of IDS server from the attacking.
Keywords :
"Servers","Intrusion detection","Production","IP networks","Information technology","Electrical engineering"
Conference_Titel :
Information Technology and Electrical Engineering (ICITEE), 2015 7th International Conference on
DOI :
10.1109/ICITEED.2015.7409013
