Academic literature on the topic 'Snort'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Snort.'

Journal articles on the topic "Snort"

1

Sabekti, Muhamad Agung. "Pembuatan Web Interface Snort untuk Managemen Firewall dengan Operasi CRUD (Create, Read, Update, Delete) pada File System Snort dan Pengujian Web dengan Serangan serta Notifikasi pada Email dan Telegram." Indonesian Journal of Applied Informatics 3, no. 2 (August 4, 2019): 74. http://dx.doi.org/10.20961/ijai.v3i2.27836.

Abstract:
Snort is a firewall application configured in the Linux terminal, covering Snort configuration, Snort rule input, and Snort alert output in the Linux terminal. To make alert monitoring in the Linux terminal easier, alerts are delivered by email and Telegram, and to simplify Snort rule input a Snort web interface was built. Snort is run in inline mode using Snort's own daq_afpacket module, and to block traffic when an attack occurs Snort uses the iptables firewall. Email alerts are sent using the ssmtp protocol, and Telegram alerts use a Telegram ID and API. The results of the study show that the web interface makes it easy to manage Snort rules and alerts, and that it can be applied to several of the attacks tested.
2

Acosta, Andres, and Leonardo Rodriguez. "Snort como herramienta administrativa." INVENTUM 3, no. 5 (July 7, 2008): 74–78. http://dx.doi.org/10.26620/uniminuto.inventum.3.5.2008.74-78.

Abstract:
Snort, as a sniffer tool, can be used illegally to capture traffic, through which a company's private information can be leaked. This article aims to show that its use can be directed toward administration in order to secure a network, so that the tool informs us about incidents or events that occur, according to rules pre-established by the network administrator. It also describes some features of Snort, such as its placement within the network layout and the creation of rules, thereby controlling inbound and outbound traffic. Snort as an IDS seeks to increase security, monitor and examine network traffic for suspicious data, and detect the first moments of an attack that could significantly compromise the security of the network.
3

Saganowski, Łukasz, and Tomasz Andrysiak. "Snort IDS Hybrid ADS Preprocessor." Image Processing & Communications 17, no. 4 (December 1, 2012): 17–22. http://dx.doi.org/10.2478/v10248-012-0024-0.

Abstract:
The paper presents a hybrid anomaly detection preprocessor for SNORT IDS - Intrusion Detection System [1] based on statistical test and DWT - Discrete Wavelet Transform coefficient analysis. The preprocessor increases the functionality of the SNORT IDS system and has complementary properties. The possibility of detecting network anomalies is increased by using two different algorithms. SNORT captures network traffic features which are used by the ADS (Anomaly Detection System) preprocessor for detecting anomalies. Chi-square statistical test and DWT subband coefficients energy values are used for calculating normal network traffic profiles. We evaluated the proposed SNORT extension with the use of a test network.
4

Dewi Paramitha, Ida Ayu Shinta, Gusti Made Arya Sasmita, and I. Made Sunia Raharja. "Analisis Data Log IDS Snort dengan Algoritma Clustering Fuzzy C-Means." Majalah Ilmiah Teknologi Elektro 19, no. 1 (October 15, 2020): 95. http://dx.doi.org/10.24843/mite.2020.v19i01.p14.

Abstract:
Snort is one of open source IDS to detect intrusion or potentially malicious activity on network traffic. Snort will give alert for every detected intrusion and write the alerts in log. Log data in IDS Snort will help network administrator to analyze the vulnerability of network security system. Clustering algorithm such as FCM can be used to analyze the log data of IDS Snort. Implementation of the algorithm is based on Python 3 and aims to cluster alerts in log data into 4 risk categories, such as low, medium, high, and critical. The outcome of this analysis is to show cluster results of FCM and to visualize the types of attacks that IDS Snort has successfully detected. Evaluation process is done by using Modified Partition Coefficient (MPC) to determine the validity of FCM.
5

Gunawan, Agus Riki, Nyoman Putra Sastra, and Dewa Made Wiharta. "Penerapan Keamanan Jaringan Menggunakan Sistem Snort dan Honeypot Sebagai Pendeteksi dan Pencegah Malware." Majalah Ilmiah Teknologi Elektro 20, no. 1 (March 1, 2021): 81. http://dx.doi.org/10.24843/mite.2021.v20i01.p09.

Abstract:
Computer systems connected to the internet are exposed to threats or attacks. The Snort and Honeypot system is a layered security system in which the internal network is monitored 24 hours a day, so that if suspicious incoming data is found the system automatically reports that there is an attack in the form of malware or a hacker. Snort was able to detect and store 250519 records with the 27 attributes that Snort provides by default. The honeypot was able to detect and store 248,574 records, in which 10 types of attack were recorded. The honeypot system detected 10 different types of attack, with an IP address for each attack. Of the 10 attack types, the 5 largest attack types and the 5 largest IP addresses for each attack type were taken. Thus the Snort and honeypot system was able to detect attacks and store attacker data on the system, and both can run simultaneously on one network. Keywords: Snort IDS, Honeypot, Network Security, Malware
6

Dasmen, Rahmat Novrianda, Cendri Ariyanto, Muhammad Haris Surya, and Hafiizh Ramadhan. "Penerapan Snort Sebagai Sistem Pendeteksi Serangan Keamanan Jaringan." Jurasik (Jurnal Riset Sistem Informasi dan Teknik Informatika) 7, no. 1 (February 28, 2022): 8. http://dx.doi.org/10.30645/jurasik.v7i1.409.

Abstract:
Network security is very important in an effort to prevent abuse on a network. Our research aims to detect networks using Snort, where this application has a sensor that can identify abuse on the network; besides, Snort also functions to detect intrusions. Detection is carried out according to the rules contained in the configuration file; Snort can perform analysis on rule based systems, adaptive system. Snort can operate in sniffer mode, packet logger mode and intrusion detection mode.
7

Salah, K., and A. Kahtani. "Improving Snort performance under Linux." IET Communications 3, no. 12 (2009): 1883. http://dx.doi.org/10.1049/iet-com.2009.0114.

8

Jaw, Ebrima, and Xueming Wang. "A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC)." PeerJ Computer Science 8 (March 2, 2022): e900. http://dx.doi.org/10.7717/peerj-cs.900.

Abstract:
The rapid advanced technological development alongside the Internet with its cutting-edge applications has positively impacted human society in many aspects. Nevertheless, it equally comes with the escalating privacy and critical cybersecurity concerns that can lead to catastrophic consequences, such as overwhelming the current network security frameworks. Consequently, both the industry and academia have been tirelessly harnessing various approaches to design, implement and deploy intrusion detection systems (IDSs) with event correlation frameworks to help mitigate some of these contemporary challenges. There are two common types of IDS: signature and anomaly-based IDS. Signature-based IDS, specifically, Snort works on the concepts of rules. However, the conventional way of creating Snort rules can be very costly and error-prone. Also, the massively generated alerts from heterogeneous anomaly-based IDSs is a significant research challenge yet to be addressed. Therefore, this paper proposed a novel Snort Automatic Rule Generator (SARG) that exploits the network packet contents to automatically generate efficient and reliable Snort rules with less human intervention. Furthermore, we evaluated the effectiveness and reliability of the generated Snort rules, which produced promising results. In addition, this paper proposed a novel Security Event Correlator (SEC) that effectively accepts raw events (alerts) without prior knowledge and produces a much more manageable set of alerts for easy analysis and interpretation. As a result, alleviating the massive false alarm rate (FAR) challenges of existing IDSs. Lastly, we have performed a series of experiments to test the proposed systems. It is evident from the experimental results that SARG-SEC has demonstrated impressive performance and could significantly mitigate the existing challenges of dealing with the vast generated alerts and the labor-intensive creation of Snort rules.
9

Saputra, Ferry Astika, Muhammad Salman, Jauari Akhmad Nur Hasim, Isbat Uzzin Nadhori, and Kalamullah Ramli. "The Next-Generation NIDS Platform: Cloud-Based Snort NIDS Using Containers and Big Data." Big Data and Cognitive Computing 6, no. 1 (February 7, 2022): 19. http://dx.doi.org/10.3390/bdcc6010019.

Abstract:
Snort is a well-known, signature-based network intrusion detection system (NIDS). The Snort sensor must be placed within the same physical network, and the defense centers in the typical NIDS architecture offer limited network coverage, especially for remote networks with a restricted bandwidth and network policy. Additionally, the growing number of sensor instances, followed by a quick increase in log data volume, has caused the present system to face big data challenges. This research paper proposes a novel design for a cloud-based Snort NIDS using containers and implementing big data in the defense center to overcome these problems. Our design consists of Docker as the sensor’s platform, Apache Kafka, as the distributed messaging system, and big data technology orchestrated on lambda architecture. We conducted experiments to measure sensor deployment, optimum message delivery from the sensors to the defense center, aggregation speed, and efficiency in the data-processing performance of the defense center. We successfully developed a cloud-based Snort NIDS and found the optimum method for message-delivery from the sensor to the defense center. We also succeeded in developing the dashboard and attack maps to display the attack statistics and visualize the attacks. Our first design is reported to implement the big data architecture, namely, lambda architecture, as the defense center and utilize rapid deployment of Snort NIDS using Docker technology as the network security monitoring platform.
10

Tasneem, Aaliya, Abhishek Kumar, and Shabnam Sharma. "Intrusion Detection Prevention System using SNORT." International Journal of Computer Applications 181, no. 32 (December 17, 2018): 21–24. http://dx.doi.org/10.5120/ijca2018918280.


Dissertations / Theses on the topic "Snort"

1

Ringström, Saltin Markus. "Intrusion Detection Systems : utvärdering av Snort." Thesis, University of Skövde, School of Humanities and Informatics, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-3081.

Abstract:
This thesis examines the effectiveness of an Intrusion Detection System (IDS). An IDS is a system that is meant to detect whether clients on a network are being attacked by a "hacker" or whether someone unauthorized is trying to intrude, much like a guard dog. The IDS tested is Snort, a very popular IDS written as open source. The purpose of the study is to show whether or not an IDS is a good complement to a system's security, since very few methodical studies of Snort, and of IDSs in general, have been carried out. The study was carried out through a number of experiments in a laboratory environment, where the effectiveness of Snort was put to the test using different types of attacks. From the results it can be concluded that an IDS is definitely a complement worth considering for an organization that is willing to devote the resources the system requires, since a large number of the attacks carried out were detected, attacks that anti-virus software or firewalls are not designed to react to.
2

Steinvall, Daniel. "Utvärdering av signaturdatabaser i systemet Snort." Thesis, Karlstads universitet, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-72581.

Abstract:
A constant connection to the internet is today taken for granted by many people around the world. The internet provides a global connection that was never possible before, which may seem wonderful in many respects. Unfortunately, this digital connection can be misused for malicious purposes, which has led to a need for security solutions such as network intrusion detection systems. One of the most talked-about tools of this kind is Snort, which is studied here. In addition to the analysis of Snort, the ability of different signature databases to detect attacks is also evaluated. In total 1143 attacks from 2008-2019 were executed and evaluated by three Snort versions dated 2012, 2016 and 2018. Each Snort version analyzed the attacks with 18 signature databases dated 2011-2019 from three different publishers. The results show that there is a large difference between the publishers' signature databases, where the best detected around 70% of the attacks while the worst detected only around 1%. How Snort was configured also had a large impact on the result: Snort with the pre-processor detected about 15% more attacks than without it.
For many people all over the world being constantly connected to the Internet is taken for granted. The Internet connects people globally in a way that has never been possible before, which in many ways is a fantastic thing. Unfortunately, this global connection can be abused for malicious purposes which have led to the need for security solutions such as network intrusion detection systems. One prominent example of such a system is Snort which is the subject of evaluation in this thesis. This study investigates the ability of signature databases for Snort to detect cyberattacks. In total, we executed 1143 attacks released between 2008-2019 and recorded the network traffic. We then analyzed the network traffic using three versions of Snort released 2012, 2016, and 2018. For each version, we used 18 different signature databases dated 2011-2019 from three different publishers. Our results show that there is a significant difference between the different publishers’ signature databases, where the best signature database detected around 70% of the attacks and the worst only detected around 1%. The configuration of Snort also had a significant impact on the results, where Snort with the pre-processor detected about 15% more attacks than without it.
3

Magnusson, Jonas. "Intrångsdetekteringssystem : En jämförelse mellan Snort och Suricata." Thesis, University of Skövde, School of Humanities and Informatics, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-4401.

Abstract:
The purpose of this work is to compare the intrusion detection systems Snort and Suricata in order to give an idea of which of the applications is suitable for deployment at an internet service provider to detect attacks and increase the security of the network. The comparison is made with respect to the number of attacks detected, performance, implementation time, number of configuration files, and the operating systems on which they are available.

The results show that Suricata, with its support for using signatures created for Snort, detects more attacks than Snort. Snort, on the other hand, is both smoother and faster to implement. In terms of performance, Suricata shows the best results, by using multiple cores and less memory.
4

Fleming, Theodor, and Hjalmar Wilander. "Network Intrusion and Detection : An evaluation of SNORT." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-144335.

Abstract:
Network security has become a vital part for computer networks to ensure that they operate as expected. With many of today's services relying on networks it is of great importance that the usage of networks is not being compromised. One way to increase the security of a computer network is to implement a Network Intrusion Detection System (NIDS). This system monitors the traffic sent to, from and within the network. This study investigates how a NIDS called SNORT with different configurations handles common network attacks. The knowledge of how SNORT managed the attacks is used to evaluate and indicate the vulnerability of different SNORT configurations. Different approaches on both how to bypass SNORT and how to detect attacks are described both theoretically, and practically with experiments. This study concludes that a carefully prepared configuration is the factor for SNORT to perform well in network intrusion detection.
5

Zhang, Huan. "Parallelization of a software based intrusion detection system - Snort." Thesis, University of Canterbury. Electrical and Computer Engineering, 2011. http://hdl.handle.net/10092/5988.

Abstract:
Computer networks are already ubiquitous in people’s lives and work and network security is becoming a critical part. A simple firewall, which can only scan the bottom four OSI layers, cannot satisfy all security requirements. An intrusion detection system (IDS) with deep packet inspection, which can filter all seven OSI layers, is becoming necessary for more and more networks. However, the processing throughputs of the IDSs are far behind the current network speed. People have begun to improve the performance of the IDSs by implementing them on different hardware platforms, such as Field-Programmable Gate Array (FPGA) or some special network processors. Nevertheless, all of these options are either less flexible or more expensive to deploy. This research focuses on some possibilities of implementing a parallelized IDS on a general computer environment based on Snort, which is the most popular open-source IDS at the moment. In this thesis, some possible methods have been analyzed for the parallelization of the pattern-matching engine based on a multicore computer. However, owing to the small granularity of the network packets, the pattern-matching engine of Snort is unsuitable for parallelization. In addition, a pipelined structure of Snort has been implemented and analyzed. The universal packet capture API - LibPCAP has been modified for a new feature, which can capture a packet directly to an external buffer. Then, the performance of the pipelined Snort can have an improvement up to 60% on an Intel i7 multicore computer for jumbo frames. A primary limitation is on the memory bandwidth. With a higher bandwidth, the performance of the parallelization can be further improved.
6

Albin, Eugene. "A comparative analysis of the Snort and Suricata intrusion-detection systems." Thesis, Monterey, California. Naval Postgraduate School, 2011. http://hdl.handle.net/10945/5480.

Abstract:
Approved for public release; distribution is unlimited.
Our research focuses on comparing the performance of two open-source intrusion-detection systems, Snort and Suricata, for detecting malicious activity on computer networks. Snort, the de-facto industry standard open-source solution, is a mature product that has been available for over a decade. Suricata, released two years ago, offers a new approach to signature-based intrusion detection and takes advantage of current technology such as process multithreading to improve processing speed. We ran each product on a multi-core computer and evaluated several hours of network traffic on the NPS backbone. We evaluated the speed, memory requirements, and accuracy of the detection engines in a variety of experiments. We conclude that Suricata will be able to handle larger volumes of traffic than Snort with similar accuracy, and thus recommend it for future needs at NPS since the Snort installation is approaching its bandwidth limits.
7

Kurukkankunnel, Joy Cyril, and Sherjin Dan Thomas. "A Study of Intrusion detection on PROFINET Network by Improving SNORT." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-43350.

Abstract:
This report is a result of a master thesis in network forensics at Halmstad University during spring term 2018. Industrial engineers are becoming aware of the importance of network security. In today's industrial systems, attacks on industrial control systems are becoming more commonplace. The availability of industrial specific search engines, which can reveal systems to anyone interested, has made it easier to target vulnerable systems. Years ago, the networks that are not connected to a public network were considered "Safe". Today these networks are inter-connected, and the challenge is how to make them secure. To protect industrial control systems, monitoring of the industrial network is required to find abnormal activities. There are many open source intrusion detection systems available; we have chosen SNORT for our project work since SNORT is a powerful open source intrusion detection system and has many default sets of rules; also community-based rules can be implemented. SNORT has features such as real-time traffic analysis, logging packets and content searching ability. SNORT has limited capability in understanding the PROFINET protocol and the aim of our project is to modify the SNORT application to read PROFINET packets so that it can be used in industrial networks running on the PROFINET protocol and create rules for PROFINET by examining the data captured from the lab environment.
8

Meyer, Steven J. "GPS Receiver Testing on the Supersonic Naval Ordnance Research Track (SNORT)." International Foundation for Telemetering, 1997. http://hdl.handle.net/10150/609808.

Abstract:
International Telemetering Conference Proceedings / October 27-30, 1997 / Riviera Hotel and Convention Center, Las Vegas, Nevada
There is an interest in using Global Positioning System (GPS) receivers to find: Time Space Position Information (TSPI), miss distances between a missile and target, and using the data real time as an independent tracking aid for range safety. Ashtech, Inc. has several standalone GPS receivers they believe can work at high g levels. This paper investigates how the Ashtech GPS receivers work under high g loading in one axis. The telemetry system used to collect data from the receivers and the reconstruction of the data will also be discussed. The test was done at SNORT (Supersonic Naval Ordnance Research Track) located at NAWS, China Lake, CA. The g level obtained was about +23 g’s with a deceleration of -15 g’s. The velocity reached was about Mach 2.0. A summary of the errors is included.
9

Thorarensen, Christian. "A Performance Analysis of Intrusion Detection with Snort and Security Information Management." Thesis, Linköpings universitet, Databas och informationsteknik, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-177602.

Abstract:
Network intrusion detection systems (NIDSs) are a major component in cybersecurity and can be implemented with open-source software. Active communities and researchers continue to improve projects and rulesets used for detecting threats to keep up with the rapid development of the internet. With the combination of security information management, automated threat detection updates and widely used software, the NIDS security can be maximized. However, it is not clear how different combinations of software and basic settings affect network performance. The main purpose in this thesis was to find out how multithreading, standard ruleset configurations and near real-time data shipping affect Snort IDS’ online and offline performance. Investigations and results were designed to guide researchers or companies to enable maximum security with minimum impact on connectivity. Software used in performance testing was limited to Snort 2.9.17.1-WIN64 (IDS), Snort 3.1.0.0 (IDS), PulledPork (rule management) and Open Distro for Elasticsearch (information management). To increase the replicability of this study, the experimentation method was used, and network traffic generation was limited to 1.0 Gbit/s hardware. Offline performance was tested with traffic recorded from a webserver during February 2021 to increase the validity of test results, but detection of attacks was not the focus. Through experimentation it was found that multithreading enabled 68-74% less runtime for offline analysis on an octa-thread system. On the same system, Snort’s drop rate was reduced from 9.0% to 1.1% by configuring multiple packet threads for 1.0 Gbit/s traffic. Secondly, Snort Community and Proofpoint ET Open rulesets showed approximately 1% and 31% dropped packets, respectively. Finally, enabling data shipping services to integrate Snort with Open Distro for Elasticsearch (ODFE) did not have any negative impact on throughput, network delay or Snort’s drop rate. 
However, the usability of ODFE needs further investigation. In conclusion, Snort 3 multithreading enabled major performance benefits but not all open-source rules were available. In future work, the shared security information management solution could be expanded to include multiple Snort sensors, triggers, alerting (email) and suggested actions for detected threats.
10

Utimura, Luan Nunes. "Aplicação em tempo real de técnicas de aprendizado de máquina no Snort IDS /." São José do Rio Preto, 2020. http://hdl.handle.net/11449/192443.

Abstract:
Advisor: Kelton Augusto Pontara da Costa
Summary: As the Internet grows over the years, an increase can be observed in the amount of data travelling over computer networks worldwide. In a context where the volume of data is constantly being renewed, from the perspective of Computer Network Security it becomes a great challenge to secure today's computer systems effectively and efficiently. Among the main security mechanisms employed in these environments, Network Intrusion Detection Systems stand out. Although the signature-based detection approach is sufficient to combat known attacks in these tools, with the eventual discovery of new vulnerabilities it becomes necessary to use anomaly-based detection approaches to lessen the damage of unknown attacks. In academia, several works have explored the development of hybrid approaches in order to improve the accuracy of these tools with the help of Machine Learning techniques. In this same line of research, the present work proposes applying these techniques to intrusion detection in a real-time environment using a popular and widely used tool, Snort. The results obtained show that in certain attack scenarios the anomaly-based detection approach can outperform the signature-based detection approach, notably with the techniques AdaBoost, Random Forests, Árvor... (Full summary: click the electronic access link below)
Abstract: As the Internet grows over the years, it is possible to observe an increase in the amount of data that travels on computer networks around the world. In a context where data volume is constantly being renewed, from the perspective of the Network Security area it becomes a great challenge to ensure, in terms of effectiveness and efficiency, today’s computer systems. Among the main security mechanisms employed in these environments, the Network Intrusion Detection Systems stand out. Although the signature-based detection approach is sufficient to combat known attacks in these tools, with the eventual discovery of new vulnerabilities, it is necessary to use anomaly-based detection approaches to mitigate the damage of unknown attacks. In the academic field, several works have explored the development of hybrid approaches in order to improve the accuracy of these tools, with the aid of Machine Learning techniques. In this same line of research, the present work proposes the application of these techniques for intrusion detection in a real time environment using a popular and widely used tool, the Snort. The obtained results show that in certain attack scenarios, the anomaly-based detection approach may outperform the signature-based detection approach, with emphasis on the techniques AdaBoost, Random Forests, Decision Tree and Linear Support Vector Machine.
Master's

Books on the topic "Snort"

1

Scott, Charlie. Snort for dummies. Hoboken, NJ: Wiley Pub., 2004.

2

Scott, Charlie. Snort For Dummies. New York: John Wiley & Sons, Ltd., 2004.

3

Beale, Jay. Snort 2.0 intrusion detection. Rockland, Mass: Syngress, 2003.

4

C, Foster James, ed. Snort 2.0 intrusion detection. Rockland, Mass: Syngress, 2003.

5

Intrusion detection with Snort. Indianapolis, Ind: Sams, 2003.

6

Intrusion detection systems with Snort: Advanced IDS techniques using Snort, Apache, MySQL, PHP, and ACID. Upper Saddle River, N.J: Prentice Hall PTR, 2003.

7

Christopher, Gerg, ed. Managing Security with Snort and IDS Tools. Beijing: O'Reilly, 2004.

8

er, Ke qi ao, and Xu cheng. Snort ru qin jian ce shi yong jie jue fang an. Bei jing: Ji xie gong ye chu ban she, 2005.

9

J, Noonan Wesley, ed. Secure your network for free: Using Nmap, Wireshark, Snort, Nessus, and MRTG. Rockland, Mass: Syngress, 2007.

10

Seagren, Eric. Secure your network for free: Using Nmap, Wireshark, Snort, Nessus, and MRTG. Edited by Noonan Wesley J. Rockland, Mass: Syngress, 2006.


Book chapters on the topic "Snort"

1

O’Leary, Mike. "Snort." In Cyber Operations, 947–82. Berkeley, CA: Apress, 2019. http://dx.doi.org/10.1007/978-1-4842-4294-0_19.

2

O’Leary, Mike. "Snort." In Cyber Operations, 605–41. Berkeley, CA: Apress, 2015. http://dx.doi.org/10.1007/978-1-4842-0457-3_16.

3

Chi, Ruinan. "Intrusion Detection System Based on Snort." In Lecture Notes in Electrical Engineering, 657–64. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-40633-1_82.

4

Saganowski, Łukasz, Marcin Goncerzewicz, and Tomasz Andrysiak. "Anomaly Detection Preprocessor for SNORT IDS System." In Advances in Intelligent Systems and Computing, 225–32. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-32384-3_28.

5

Mohanta, Abhijit, and Anoop Saldanha. "IDS/IPS and Snort/Suricata Rule Writing." In Malware Analysis and Detection Engineering, 819–50. Berkeley, CA: Apress, 2020. http://dx.doi.org/10.1007/978-1-4842-6193-4_23.

6

Alicea, Michael, and Izzat Alsmadi. "Towards Automatic Rule Conflict Detection in Snort." In Advances in Information, Communication and Cybersecurity, 506–16. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-91738-8_46.

7

Sharma, Shubham, Parma Nand, and Pankaj Sharma. "Intrusion Detection and Prevention Systems Using Snort." In Advances in Data Science and Management, 473–86. Singapore: Springer Singapore, 2022. http://dx.doi.org/10.1007/978-981-16-5685-9_46.

8

Baker, Andrew R., Brian Caswell, Mike Poor, Stephen Northcutt, Raven Alder, Jacob Babbin, Jay Beale, et al. "Installing Snort." In Snort 2.1 Intrusion Detection, 99–164. Elsevier, 2004. http://dx.doi.org/10.1016/b978-193183604-3/50008-4.

9

Baker, Andrew R., Brian Caswell, Mike Poor, Stephen Northcutt, Raven Alder, Jacob Babbin, Jay Beale, et al. "Optimizing Snort." In Snort 2.1 Intrusion Detection, 471–527. Elsevier, 2004. http://dx.doi.org/10.1016/b978-193183604-3/50015-1.

10

Baker, Andrew R., Brian Caswell, Mike Poor, Stephen Northcutt, Raven Alder, Jacob Babbin, Jay Beale, et al. "Advanced Snort." In Snort 2.1 Intrusion Detection, 671–99. Elsevier, 2004. http://dx.doi.org/10.1016/b978-193183604-3/50018-7.


Conference papers on the topic "Snort"

1

Khurat, Assadarat, and Wudhichart Sawangphol. "An Ontology for SNORT Rule." In 2019 16th International Joint Conference on Computer Science and Software Engineering (JCSSE). IEEE, 2019. http://dx.doi.org/10.1109/jcsse.2019.8864190.

2

Chakrabarti, S., M. Chakraborty, and I. Mukhopadhyay. "Study of snort-based IDS." In ICWET '10: International Conference and Workshop on Emerging Trends in Technology. New York, NY, USA: ACM, 2010. http://dx.doi.org/10.1145/1741906.1741914.

3

Fang, Xianjin, and Lingbing Liu. "Integrating Artificial Intelligence into Snort IDS." In 2011 3rd International Workshop on Intelligent Systems and Applications (ISA). IEEE, 2011. http://dx.doi.org/10.1109/isa.2011.5873435.

4

Tung Tran, I. Aib, E. Al-Shaer, and R. Boutaba. "An evasive attack on SNORT flowbits." In 2012 IEEE/IFIP Network Operations and Management Symposium (NOMS 2012). IEEE, 2012. http://dx.doi.org/10.1109/noms.2012.6211918.

5

Al-Mamory, S. O., A. Hamid, A. Abdul-Razak, and Z. Falah. "String matching enhancement for snort IDS." In 2010 5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT 2010). IEEE, 2010. http://dx.doi.org/10.1109/iccit.2010.5711211.

6

Hong, Xiaojin, Changzhen Hu, Zhigang Wang, Guoqiang Wang, and Ying Wan. "VisSRA: Visualizing Snort Rules and Alerts." In 2012 4th International Conference on Computational Intelligence and Communication Networks (CICN). IEEE, 2012. http://dx.doi.org/10.1109/cicn.2012.207.

7

Sun, Xibin, Du Zhang, Mingzhe Liu, Zhuoxin He, Haijie Li, and Jiwei Li. "Detecting and Resolving Inconsistencies in Snort." In 2018 IEEE 17th International Conference on Cognitive Informatics & Cognitive Computing (ICCI*CC). IEEE, 2018. http://dx.doi.org/10.1109/icci-cc.2018.8482026.

8

Silva, Rui, Raul Barbosa, and Jorge Bernardino. "Testing Snort with SQL Injection Attacks." In the Ninth International C* Conference. New York, New York, USA: ACM Press, 2016. http://dx.doi.org/10.1145/2948992.2949001.

9

Ulltveit-Moe, Nils, and Vladimir Oleshchuk. "Privacy Violation Classification of Snort Ruleset." In 2010 18th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP). IEEE, 2010. http://dx.doi.org/10.1109/pdp.2010.87.

10

Meng, Qingduan, Xiaoling Zhang, and Dongwei Lv. "Research on Detection Speed Improvement of Snort." In 2010 International Conference on Internet Technology and Applications (iTAP). IEEE, 2010. http://dx.doi.org/10.1109/itapp.2010.5566613.


Reports on the topic "Snort"

1

Ahmed, M., R. Hibbard, A. Moore, J. Benstead, K. Baker, R. Soufli, T. Pardini, et al. NIF S600D Snout Final Design Review (FDR) Report. Office of Scientific and Technical Information (OSTI), February 2015. http://dx.doi.org/10.2172/1182239.

2

Gertz, E. M., P. E. Gill, and J. Muetherig. Users guide for SnadiOpt : a package adding automatic differentiation to Snopt. Office of Scientific and Technical Information (OSTI), June 2001. http://dx.doi.org/10.2172/822566.

3

Mukherjee, S., J. Emig, L. Griffith, R. Heeter, F. House, D. James, M. Schneider, and C. Sorce. Variable Spaced Grating (VSG) Snout, Rotator and Rails for use at LLE. Office of Scientific and Technical Information (OSTI), January 2010. http://dx.doi.org/10.2172/992295.

4

Weimar, Shawna, Anna K. Johnson, Kenneth J. Stalder, Locke A. Karriker, and Thomas Fangman. Distance of Nursery Pig Snout and Tails from a Human Observer during an Approachability Test. Ames (Iowa): Iowa State University, January 2015. http://dx.doi.org/10.31274/ans_air-180814-1328.

5

Mackinnon, A., B. Copsey, and J. Celeste. The Effectiveness of the Compton Radiography Snout Electron Deflection Yoke and its Application as an Electron Spectrometer. Office of Scientific and Technical Information (OSTI), September 2009. http://dx.doi.org/10.2172/1057222.

6

Airborne gamma ray spectrometric survey, Peter Snout, southwestern Newfoundland. Natural Resources Canada/ESS/Scientific and Technical Publishing Services, 1987. http://dx.doi.org/10.4095/122772.
