Implementation and analysis IDS on SGU network
Intrusion Detection System (IDS) are used to detect attack and make recommendation for future incident.Snort is the most popular open source tools for IDS with the consideration of no limitation. Snort is placed in the network to monitor the traffic going inside out with the ability of signature-based IDS that would categorized certain traffic that has the similarities with Snort's known attack pattern, it will turned that traffic into alerts. Snort can produce alert from intrusion happening, the result then will be logged into mysql database in Ubuntu. Using Snort produced output and Snort data that are mined using rapid miner. In the end, researchers can see the intrusions happen in the network and preparing countermeasure for similar incident, in this research countermeasure will be done by creating the right rule in Snort.
B01527 | (Rack Thesis) | Available |
No other version available