Log in

Relevant bibliographies by topics / Snort / Journal articles

To see the other types of publications on this topic, follow the link: Snort.

Journal articles on the topic 'Snort'

Author: Grafiati

Published: 4 June 2021

Last updated: 25 April 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Snort.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Sabekti, Muhamad Agung. "Pembuatan Web Interface Snort untuk Managemen Firewall dengan Operasi CRUD (Create, Read, Update, Delete) pada File System Snort dan Pengujian Web dengan Serangan serta Notifikasi pada Email dan Telegram." Indonesian Journal of Applied Informatics 3, no. 2 (August 4, 2019): 74. http://dx.doi.org/10.20961/ijai.v3i2.27836.

Full text

Abstract:

<p><em>Snort</em> merupakan salah satu aplikasi <em>firewall</em> yang dikonfigurasi dalam terminal linux, meliputi konfigurasi <em>snort</em>, <em>input rule snort</em>, dan hasil alert <em>snort</em> pada terminal linux. Untuk mempermudah monitoring alert diterminal linux, maka alert diimplementasikan pada email dan telegram serta guna mempermudah dalam aktifitas dalam aktifitas input rule snort maka dibuatlah <em>web interface snort </em>. Metode untuk menangani Snort berjalan pada <em>mode inline</em> dengan menggunakan modul <em>daq_afpacket</em> dalam snort itu sendiri, dan untuk melakukan blok ketika terjadi serangan, snort menggunakan <em>firewall iptables</em>. Alert diimplementasikan pada email menggunakan protokol <em>ssmtp</em> dan pada telegram menggunakan id dan api telegram. Hasil dari penelitian menyatakan pembuatan web <em>interface</em> dapat dengan mudah mengelola <em>rule</em> dan alert <em>snort</em>, serta dapat diaplikasikan dalam beberapa serangan yang diujikan.</p><p>_______________________________________________</p><p>Abstract</p><p><em>In general, snort is a firewall application that is configured in Linux terminals, including the implementation of snort, input snort rules, and snort warning results on Linux terminals. To monitor the linux warning alarm, the alerts are implemented on e-mail and telegram, as well as for input information in snort mode and then create a snort web interface. The method for handling Snort runs in inline mode by using the daq_afpacket module in the snort itself, and to block when an attack occurs, snort uses the iptables firewall. Alerts are implemented in e-mail using the ssmtp protocol and on telegrams using id and telegram fires. The results of the study state that making web interfaces can easily manage rules and snort alerts, and can be applied in several attacks that are tested.</em></p>

APA, Harvard, Vancouver, ISO, and other styles

2

Acosta, Andres, and Leonardo Rodriguez. "Snort como herramienta administrativa." INVENTUM 3, no. 5 (July 7, 2008): 74–78. http://dx.doi.org/10.26620/uniminuto.inventum.3.5.2008.74-78.

Full text

Abstract:

Snort como una herramienta de sniffer puede ser utilizado en forma ilegal capturando tráfico, en el cual se puede filtrar información privada de una empresa. Este artículo pretende dar a entender que su uso se puede orientar a una forma administrativa para asegurar una red, de tal forma que esta herramienta nos informe sobre hechos o eventos ocurridos dentro de unas reglas preestablecidas por el administrador de la red. Así mismo, describe algunas características de Snort, como su ubicación dentro del esquema de red y la creación de reglas, controlando así el tráfico entrante y saliente. Snort como IDS busca aumentar la seguridad, vigilar y examinar el tráfico de la red en busca de datos sospechosos, además de detectar los primeros instantes de un ataque que pueden comprometer de manera importante la seguridad de la red.

APA, Harvard, Vancouver, ISO, and other styles

3

Saganowski, Łukasz, and Tomasz Andrysiak. "Snort IDS Hybrid ADS Preprocessor." Image Processing & Communications 17, no. 4 (December 1, 2012): 17–22. http://dx.doi.org/10.2478/v10248-012-0024-0.

Full text

Abstract:

Abstract The paper presents hybrid anomaly detection preprocessor for SNORT IDS - Intrusion Detection System [1] base on statistical test and DWT - Discrete Wavelet Transform coefficient analysis. Preprocessor increases functionality of SNORT IDS system and has complementary properties. Possibility of detection network anomalies is increased by using two different algorithms. SNORT captures network traffic features which are used by ADS (Anomaly Detection System) preprocessor for detecting anomalies. Chi-square statistical test and DWT subband coefficients energy values are used for calculating of normal network traffic profiles. We evaluated proposed SNORT extension with the use of test network.

APA, Harvard, Vancouver, ISO, and other styles

4

Dewi Paramitha, Ida Ayu Shinta, Gusti Made Arya Sasmita, and I. Made Sunia Raharja. "Analisis Data Log IDS Snort dengan Algoritma Clustering Fuzzy C-Means." Majalah Ilmiah Teknologi Elektro 19, no. 1 (October 15, 2020): 95. http://dx.doi.org/10.24843/mite.2020.v19i01.p14.

Full text

Abstract:

Snort is one of open source IDS to detect intrusion or potentially malicious activity on network traffic. Snort will give alert for every detected intrusion and write the alerts in log. Log data in IDS Snort will help network administrator to analyze the vulnerability of network security system. Clustering algorithm such as FCM can be used to analyze the log data of IDS Snort. Implementation of the algorithm is based on Python 3 and aims to cluster alerts in log data into 4 risk categories, such as low, medium, high, and critical. The outcome of this analysis is to show cluster results of FCM and to visualize the types of attacks that IDS Snort has successfully detected. Evaluation process is done by using Modified Partition Coefficient (MPC) to determine the validity of FCM.

APA, Harvard, Vancouver, ISO, and other styles

5

Gunawan, Agus Riki, Nyoman Putra Sastra, and Dewa Made Wiharta. "Penerapan Keamanan Jaringan Menggunakan Sistem Snort dan Honeypot Sebagai Pendeteksi dan Pencegah Malware." Majalah Ilmiah Teknologi Elektro 20, no. 1 (March 1, 2021): 81. http://dx.doi.org/10.24843/mite.2021.v20i01.p09.

Full text

Abstract:

Intisari- Sistem komputer yang terkoneksi jaringan internet beresiko terhadap ancaman atau serangan. Sistem Snort dan Honeypot merupakan sistem kemanan berlapis yang dimana jaringan internal akan di awasi selama 24 jam setiap harinya, sehingga jika terdapat data masuk yang mencurigakan sistem akan memberikan informasi otomatis bahwa adanya serangan berupa malware atau hacker. Snort dapat mendeteksi dan menyimpan 250519 jumlah data dengan 27 atribut yang disediakan Snort secara default. Honeypot dapat mendeteksi dan menyimpan sebanyak 248.574 data yang dimana tercatat 10 jenis serangan. System honeypot mendeteksi 10 jenis serangan yang berbeda dengan IP address pada setiap serangan. Dari 10 jenis serangan diambil 5 jenis serangan terbesar dan 5 IP address terbesar pada setiap jenis serangan. Sehingga fungsi sistem snort dan honeypot telah dapat mendeteksi adanya serangan serta menyimpan data penyerang pada sistem, dan dapat berjalan secara bersamaan pada satu jaringan. Kata kunci : Snort IDS, Honeypot, Keamanan Jaringan, Malware

APA, Harvard, Vancouver, ISO, and other styles

6

Dasmen, Rahmat Novrianda, Cendri Ariyanto, Muhammad Haris Surya, and Hafiizh Ramadhan. "Penerapan Snort Sebagai Sistem Pendeteksi Serangan Keamanan Jaringan." Jurasik (Jurnal Riset Sistem Informasi dan Teknik Informatika) 7, no. 1 (February 28, 2022): 8. http://dx.doi.org/10.30645/jurasik.v7i1.409.

Full text

Abstract:

Network security is very important in an effort to prevent abuse on a network.Our research aims to detect networks using snort where this application has sensor that can indentify abuse on the network besides snort also funcitions to detect intrusions. Detection is carried out according to the rules contained in the configuration file,snort can perform analysis on rule based systems,adaptive system.Snort can operate sniffer mode, packet logger mode and intrusion detection mode

APA, Harvard, Vancouver, ISO, and other styles

7

Salah, K., and A. Kahtani. "Improving Snort performance under Linux." IET Communications 3, no. 12 (2009): 1883. http://dx.doi.org/10.1049/iet-com.2009.0114.

Full text

APA, Harvard, Vancouver, ISO, and other styles

8

Jaw, Ebrima, and Xueming Wang. "A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC)." PeerJ Computer Science 8 (March 2, 2022): e900. http://dx.doi.org/10.7717/peerj-cs.900.

Full text

Abstract:

The rapid advanced technological development alongside the Internet with its cutting-edge applications has positively impacted human society in many aspects. Nevertheless, it equally comes with the escalating privacy and critical cybersecurity concerns that can lead to catastrophic consequences, such as overwhelming the current network security frameworks. Consequently, both the industry and academia have been tirelessly harnessing various approaches to design, implement and deploy intrusion detection systems (IDSs) with event correlation frameworks to help mitigate some of these contemporary challenges. There are two common types of IDS: signature and anomaly-based IDS. Signature-based IDS, specifically, Snort works on the concepts of rules. However, the conventional way of creating Snort rules can be very costly and error-prone. Also, the massively generated alerts from heterogeneous anomaly-based IDSs is a significant research challenge yet to be addressed. Therefore, this paper proposed a novel Snort Automatic Rule Generator (SARG) that exploits the network packet contents to automatically generate efficient and reliable Snort rules with less human intervention. Furthermore, we evaluated the effectiveness and reliability of the generated Snort rules, which produced promising results. In addition, this paper proposed a novel Security Event Correlator (SEC) that effectively accepts raw events (alerts) without prior knowledge and produces a much more manageable set of alerts for easy analysis and interpretation. As a result, alleviating the massive false alarm rate (FAR) challenges of existing IDSs. Lastly, we have performed a series of experiments to test the proposed systems. It is evident from the experimental results that SARG-SEC has demonstrated impressive performance and could significantly mitigate the existing challenges of dealing with the vast generated alerts and the labor-intensive creation of Snort rules.

APA, Harvard, Vancouver, ISO, and other styles

9

Saputra, Ferry Astika, Muhammad Salman, Jauari Akhmad Nur Hasim, Isbat Uzzin Nadhori, and Kalamullah Ramli. "The Next-Generation NIDS Platform: Cloud-Based Snort NIDS Using Containers and Big Data." Big Data and Cognitive Computing 6, no. 1 (February 7, 2022): 19. http://dx.doi.org/10.3390/bdcc6010019.

Full text

Abstract:

Snort is a well-known, signature-based network intrusion detection system (NIDS). The Snort sensor must be placed within the same physical network, and the defense centers in the typical NIDS architecture offer limited network coverage, especially for remote networks with a restricted bandwidth and network policy. Additionally, the growing number of sensor instances, followed by a quick increase in log data volume, has caused the present system to face big data challenges. This research paper proposes a novel design for a cloud-based Snort NIDS using containers and implementing big data in the defense center to overcome these problems. Our design consists of Docker as the sensor’s platform, Apache Kafka, as the distributed messaging system, and big data technology orchestrated on lambda architecture. We conducted experiments to measure sensor deployment, optimum message delivery from the sensors to the defense center, aggregation speed, and efficiency in the data-processing performance of the defense center. We successfully developed a cloud-based Snort NIDS and found the optimum method for message-delivery from the sensor to the defense center. We also succeeded in developing the dashboard and attack maps to display the attack statistics and visualize the attacks. Our first design is reported to implement the big data architecture, namely, lambda architecture, as the defense center and utilize rapid deployment of Snort NIDS using Docker technology as the network security monitoring platform.

APA, Harvard, Vancouver, ISO, and other styles

10

Tasneem, Aaliya, Abhishek Kumar, and Shabnam Sharma. "Intrusion Detection Prevention System using SNORT." International Journal of Computer Applications 181, no. 32 (December 17, 2018): 21–24. http://dx.doi.org/10.5120/ijca2018918280.

Full text

APA, Harvard, Vancouver, ISO, and other styles

11

Ahmed, Ghilman, Muhammad Naeem Ahmed Khan, and Muhammad Shamraiz Bashir. "A Linux-based IDPS using Snort." Computer Fraud & Security 2015, no. 8 (August 2015): 13–18. http://dx.doi.org/10.1016/s1361-3723(15)30076-2.

Full text

APA, Harvard, Vancouver, ISO, and other styles

12

Dian Pratiwi, Yuni, Enggar Alfianto, and Shah Khadafi. "IMPLEMENTASI METODE INTRUSION DETECTION SYSTEM (IDS) MENGGUNAKAN PERANGKAT LUNAK PORTSENTRY DAN SNORT BERBASIS SISTEM OPERASI LINUX UBUNTU 16.04 LTS." e-NARODROID 4, no. 2 (September 28, 2018): 35–48. http://dx.doi.org/10.31090/narodroid.v4i2.732.

Full text

Abstract:

Abstract : Sistem keamanan jaringan merupakan salah satu faktor penting dalam menjaga jaringan dari ancaman penyusup yang dapat merusak dan mencuri data melalui sebuah koneksi jaringan. Untuk menerapkan keamanan dalam jaringan dapat menggunakan metode sederhana yaitu Intrusion Detection System (IDS) dimana metode tersebut mampu mendeteksi akses yang tidak sah pada sebuah sistem jaringan. Penerapan metode IDS pada penelitian ini menggunakan dua tools keamanan jaringan yaitu Portsentry dan Snort yang merupakan perangkat lunak bersifat open source. Kedua tools IDS tersebut akan dikolaborasikan dan diuji dalam mendeteksi adanya serangan seperti ping of death, scanning port dan sniffing. Dari hasil kolaborasi kedua tools IDS tersebut bahwa Portsentry mampu mendeteksi adanya scanning port sekaligus memblokir serangan, namun tidak dapat mendeteksi jenis serangan seperti ping of death dan sniffing karena dianggap aman. Sedangkan Snort dapat mendeteksi semua jenis serangan seperti ping of death, scanning port dan juga sniffing namun tidak dapat memblokir serangan tersebut. Meskipun demikian, implementasi metode IDS untuk deteksi serangan menggunakan Portsentry dan Snort masih dapat dikolaborasikan dengan baik. Kata Kunci : Metode IDS, Portsentry, Snort, ping of death, scanning port, sniffing

APA, Harvard, Vancouver, ISO, and other styles

13

Purba, Winrou Wesley, and Rissal Efendi. "Perancangan dan analisis sistem keamanan jaringan komputer menggunakan SNORT." AITI 17, no. 2 (February 23, 2021): 143–58. http://dx.doi.org/10.24246/aiti.v17i2.143-158.

Full text

Abstract:

PT. Promanufacture Indonesia merupakan sebuah perusahaan yang memerlukan adanya jaringan internet agar dapat mengolah data anggota, barang, cctv dan lain-lain. Semua file dan data anggota, barang, cctv dan lain-lain akan disimpan di dalam sebuah server. Server di PT. Promanufacture Indonesia hanya mengandalkan sistem firewall saja. Dengan menggunakan firewall saja sistem keamanan jaringan tidak akan terjamin keamanannya. Maka diperlukan sebuah sistem untuk menjaga keamanan jaringan tersebut, yaitu SNORT. SNORT merupakan perangkat lunak yang akan memberikan peringatan ketika terjadi penyusupan kedalam sistem komputer. Tujuan dari penelitian ini adalah merancang dan menganalisa sistem keamanan komputer di PT. Promanufacture Indonesia dengan menggunakan perangkat lunak SNORT. Hasil dari penelitian ini dapat digunakan oleh pengelola jaringan PT. Promanufacture Indonesia untuk menjaga sistem keamanan jaringan komputer pada perusahaan tersebut.

APA, Harvard, Vancouver, ISO, and other styles

14

Aminanto, Alja, and Wiwin Sulistyo. "Simulasi Sistem Keamanan Jaringan Komputer Berbasis IPS Snort dan Honeypot Artilery." AITI 16, no. 2 (June 17, 2020): 135–50. http://dx.doi.org/10.24246/aiti.v16i2.135-150.

Full text

Abstract:

The Intrusion Prevention System (IPS) Snort is a server security System that can prevent attacks by examining and recording all data packets as well as recognizing packets with sensors, when the attack has been identified, IPS Snort will deny the access (block) and log of all data packets identified. However by using only IPS Snort which can only check and note the Allert attacks that are incoming in less sense to secure a server by collaborating with the other server's secure system in the sense of being able to make the network security of the server better. Honeypot Artillery chosen which works when there is a Hacker trying to penetrate through open ports can be detected as if hackers can break through the system, then Honeypot Artillery will provide information about who attackers and how the attacker could enter the Snort IPS system for later record in the database that can be viewed on the Web interface, Allert recorded on the experiment that has been done in the database as much as 9453 on TCP protocol as much as 9%, UDP as much as < 1%, and ICMP As much as 91%.

APA, Harvard, Vancouver, ISO, and other styles

15

Astika, S. Ferry, M. Jauhari, N. Isbatuzzin, M. Salman, and Kalamullah Ramli. "BUILDING A DYNAMIC SCALABLE PARALLEL CLOUD-BASED SNORT NIDS USING CONTAINERS AND BIG DATA." Journal of Southwest Jiaotong University 56, no. 5 (October 30, 2021): 317–26. http://dx.doi.org/10.35741/issn.0258-2724.56.5.27.

Full text

Abstract:

Snort is one of the well-known signature-based network intrusion detection systems (NIDS). The Snort sensor placement must be in the same physical network. The defense center in the typical NIDS architecture cause limited network coverage to be monitored, especially for remote networks with restricted bandwidth and network policy. Moreover, the increasing number of sensor instances, followed by a rapid increase in log data volume, caused the existing system to face Big data challenges. This research paper aims to propose a novel design of cloud-based Snort NIDS using containers and implementing Big data in the defense center to overcome these problems. Our design consists of Docker as the sensor's platform, Apache Kafka as the distributed messaging system, and various big data technology orchestrated on lambda architecture. Experiments are conducted to measure sensor deployment, optimum message delivery from sensors to the defense center, and aggregation speed, and data processing performance efficiency on the defense center. In summary, we successfully developed a cloud-based Snort NIDS and found the optimum message delivery method from the sensor to the defense center. Our design also represents the first report on implementing the Big data architecture, namely lambda architecture, to the defense center as a part of a network security monitoring platform.

APA, Harvard, Vancouver, ISO, and other styles

16

Li, Jing Jiao, Yong Chen, Ho Cholman, Zhen Lin Lu, and Ling Qiao Nan. "Design and Implementation of NIDS String Matching Based on SOPC." Advanced Materials Research 424-425 (January 2012): 551–54. http://dx.doi.org/10.4028/www.scientific.net/amr.424-425.551.

Full text

Abstract:

String matching is a key problem in many network processing applications. Current implementations of this process using software are time consuming. This paper presents a string matching system that based on FPGA. This paper uses DM9000A to receive network data and uses Snort rule and HashMem function to match pattern. With software simulation the conflict pattern of Snort rules found out and processed separately. In the system, conflict can be high-speed solved. With the PC handle string matching that more than 16 Byte, the FPGA processing speed has improved greatly .The experimental results show that the system throughput is 1.22Gbps, more than 20 times of the software method. When processing more Snort rules system throughput is not affected. Experimental results show that the system can quickly adapt to the demand for hardware reconfiguration and meet the network application requirements.

APA, Harvard, Vancouver, ISO, and other styles

17

Gdowski, Bartłomiej, Rafał Kościej, and Marcin Niemiec. "Heuristic-based Intrusion Detection Functionality in a Snort Environment." Information & Security: An International Journal 50 (2021): 23–36. http://dx.doi.org/10.11610/isij.5010.

Full text

APA, Harvard, Vancouver, ISO, and other styles

18

Marta, I. Komang Krisna Ade, I. Nyoman Buda Hartawan, and I. Kadek Susila Satwika. "ANALISIS SISTEM MONITORING KEAMANAN SERVER DENGAN SMS ALERT BERBASIS SNORT." INSERT : Information System and Emerging Technology Journal 1, no. 1 (June 25, 2020): 25. http://dx.doi.org/10.23887/insert.v1i1.25874.

Full text

Abstract:

AbstrakKeamanan server merupakan hal penting yang perlu diberikan perhatian lebih saat melakukan konfigurasi server. Pada umumnya serangan yang terjadi pada server diketahui setelah terjadinya kegagalan pada server dalam memberikan layanan. Pada penelitian ini, dibangun sebuah sistem keamanan server yang dapat melakukan monitoring pada sebuah server ketika terdeteksi adanya aktivitas yang tidak wajar. Pemberitahuan akan dikirimkan melalui SMS (Short Message Service) ke handphone Administrator jaringan. Sistem yang dibangun melakukan pendeteksian intrusi pada server secara realtime menggunakan SNORT. Ketika terjadi akses yang tidak wajar pada server, maka SNORT akan mendeteksi dan mengirimkan informasi terjadinya aktivitas yang tidak wajar ke Administrator jaringan. Sistem ini diujikan dengan lima jenis serangan yakni PING Attack, DoS/DDoS Attack, Port Scanning, Telnet Access dan FTP Access. Parameter yang diamati pada penelitian ini adalah beban aktivitas yang terjadi pada sumber daya server meliputi CPU, Memory (RAM) dan beban jaringan. Hasil penelitian menunjukkan bahwa saat terjadi upaya serangan terhadap server, SNORT dapat menghasilkan alert yang akan disimpan pada log sekaligus dikirimkan ke handphone Administrator melalui SMS. AbstractServer security is an important thing that needs to be given more attention when configuring a server. In general, attacks that occur on the server are known after a failure on the server in providing services. In this study, a server security system was built that could monitor a server when an unusual activity was detected. Notifications will be sent via SMS (Short Message Service) to the network Administrator's smartphone. The system is built to detect intrusions on the server in real time using SNORT. When improper access occurs on the server, SNORT will detect and send information about the occurrence of unusual activity to the network Administrator. This system is tested with five types of attacks namely PING Attack, DoS / DDoS Attack, Port Scanning, Telnet Access and FTP Access. The parameters observed in this study are the activity load that occurs on server resources including CPU, Memory (RAM) and network load. The results showed that when an attempt was made to attack the server, SNORT could produce alerts that would be stored in a log as well as sent to the Administrator's smartphone via SMS.

APA, Harvard, Vancouver, ISO, and other styles

19

Lukman, Lukman, and Melati Suci. "Analisis Perbandingan Kinerja Snort Dan Suricata Sebagai Intrusion Detection System Dalam Mendeteksi Serangan Syn Flood Pada Web Server Apache." Respati 15, no. 2 (July 10, 2020): 6. http://dx.doi.org/10.35842/jtir.v15i2.343.

Full text

Abstract:

INTISARIKeamanan jaringan pada web server merupakan bagian yang paling penting untuk menjamin integritas dan layanan bagi pengguna. Web server sering kali menjadi target serangan yang mengakibatkan kerusakan data. Salah satunya serangan SYN Flood merupakan jenis serangan Denial of Service (DOS) yang memberikan permintaan SYN secara besar-besaran kepada web server.Untuk memperkuat keamanan jaringan web server penerapan Intrusion Detection System (IDS) digunakan untuk mendeteksi serangan, memantau dan menganalisa serangan pada web server. Software IDS yang sering digunakan yaitu IDS Snort dan IDS Suricata yang memiliki kelebihan dan kekurangannya masing-masing. Tujuan penelitian kali ini untuk membandingkan kedua IDS menggunakan sistem operasi linux dengan pengujian serangan menggunakan SYN Flood yang akan menyerang web server kemudian IDS Snort dan Suricata yang telah terpasang pada web server akan memberikan peringatan jika terjadi serangan. Dalam menentukan hasil perbandingan, digunakan parameter-parameter yang akan menjadi acuan yaitu jumlah serangan yang terdeteksi dan efektivitas deteksi serangan dari kedua IDS tersebut.Kata kunci: Keamanan jaringan, Web Server, IDS, SYN Flood, Snort, Suricata. ABSTRACTNetwork security on the web server is the most important part to guarantee the integrity and service for users. Web servers are often the target of attacks that result in data damage. One of them is the SYN Flood attack which is a type of Denial of Service (DOS) attack that gives a massive SYN request to the web server.To strengthen web server network security, the application of Intrusion Detection System (IDS) is used to detect attacks, monitor and analyze attacks on web servers. IDS software that is often used is IDS Snort and IDS Suricata which have their respective advantages and disadvantages.The purpose of this study is to compare the two IDS using the Linux operating system with testing the attack using SYN Flood which will attack the web server then IDS Snort and Suricata that have been installed on the web server will give a warning if an attack occurs. In determining the results of the comparison, the parameters used will be the reference, namely the number of attacks detected and the effectiveness of attack detection from the two IDS.Keywords: Network Security, Web Server, IDS, SYN Flood, Snort, Suricata.

APA, Harvard, Vancouver, ISO, and other styles

20

Ananta, Ahmadi Yuli. "SELEKSI NOTIFIKASI SERANGAN BERBASIS IDS SNORT MENGGUNAKAN METODE K-MEANS." SMARTICS Journal 3, no. 2 (October 31, 2017): 31–37. http://dx.doi.org/10.21067/smartics.v3i2.1954.

Full text

Abstract:

Berkembangnya teknologi saat ini diikuti juga dengan berkembangnya serangan untuk merusak teknologi tersebut khususnya didalam jaringan komputer seperti DOS attack, port scanning, sniffer dll. Oleh karena itu dibutuhkan sebuah sistem yang bisa mendeteksi serangan secara realtime. Penyeleksian notifikasi serangan pada jaringan komputer berbasis IDS snort menggunakan metode k-means adalah sistem yang mendeteksi serangan jaringan berdasarkan data log pada snort dengan cara mengelompokkan data log tersebut menjadi 2 jenis serangan, bahaya dan tidak bahaya. Kemudian sistem ini akan mengirimkan notifikasi berupa SMS lewat aplikasi SMS gateway untuk serangan yang berjenis bahaya ke ponsel administrator jaringan. Sistem ini mendeteksi jenis serangan dengan proses pengelompokkan dari 100 data training yang diambil secara acak dari rules yang ada di snort. Proses pengelompokkan jenis serangan ini menggunakan metode k-means karena metode ini dapat mengelompokkan data dengan ukuran besar dengan cepat. Tentunya metode ini sangat ditentukan oleh pembangkitan centroid awal yang di ambil secara acak.

APA, Harvard, Vancouver, ISO, and other styles

21

Panggabean, Parningotan. "ANALISIS NETWORK SECURITY SNORT METODE INTRUSION DETECTION SYSTEM UNTUK OPTIMASI KEAMANAN JARINGAN KOMPUTER." Jursima 6, no. 1 (June 8, 2018): 1. http://dx.doi.org/10.47024/js.v6i1.107.

Full text

Abstract:

<p><em>Perkembangan teknologi informasi, khususnya jaringan komputer memungkinkan terjadinya pertukaran informasi yang mudah, cepat dan semakin kompleks. Keamanan jaringan komputer harus diperhatikan guna menjaga validitas dan integritas data serta informasi yang berada dalam jaringan tersebut. Masalah yang dihadapi adalah adanya Log Bug yang didapatkan pada komputer server Dinas Lingkungan Hidup Kota Batam yang diindikasikan adanya serangan Denial of Service (DoS) pada komputer tersebut. Berdasarkan masalah diatas maka penulis mencoba membuat sebuah penelitian yang berjudul “Analisis Network Security Snort menggunakan metode Intrusion Detection System (IDS) untuk Optimasi Keamanan Jaringan Komputer” dan diharapkan dapat mendeteksi serangan Denial of Service (DoS). Intrusion Detection System (IDS) adalah sebuah tool, metode, sumber daya yang memberikan bantuan untuk melakukan identifikasi, memberikan laporan terhadap aktivitas jaringan komputer. Aplikasi yang digunakan untuk mendeteksi serangan menggunakan Snort. Snort dapat mendeteksi serangan DoS. Serangan DoS dilakukan dengan menggunakan aplikasi Loic.</em></p>

APA, Harvard, Vancouver, ISO, and other styles

22

Goel, Aaruni, and Ashok Vasishtha. "The Implementation and Assessment of Snort Capabilities." International Journal of Computer Applications 167, no. 13 (June 15, 2017): 15–23. http://dx.doi.org/10.5120/ijca2017914525.

Full text

APA, Harvard, Vancouver, ISO, and other styles

23

Wu, Qing-Xiu. "The Network Protocol Analysis Technique in Snort." Physics Procedia 25 (2012): 1226–30. http://dx.doi.org/10.1016/j.phpro.2012.03.224.

Full text

APA, Harvard, Vancouver, ISO, and other styles

24

Zhang, Dongyan, and Shuo Wang. "Optimization of traditional Snort intrusion detection system." IOP Conference Series: Materials Science and Engineering 569 (August 9, 2019): 042041. http://dx.doi.org/10.1088/1757-899x/569/4/042041.

Full text

APA, Harvard, Vancouver, ISO, and other styles

25

Vaseer, Gurven, Pushpinder Singh Patheja, and Garima Ghai. "Intrusion Detection a Challenge: SNORT the savior." International Journal of Computer Trends and Technology 45, no. 1 (March 25, 2017): 1–3. http://dx.doi.org/10.14445/22312803/ijctt-v45p101.

Full text

APA, Harvard, Vancouver, ISO, and other styles

26

Murthy, K. Sreerama, S. Pallam Setty, and G. S. V. P. Raju. "Performance analysis of Mail Clients using SNORT." International Journal of Computer & Organization Trends 35, no. 1 (September 25, 2016): 1–7. http://dx.doi.org/10.14445/22492593/ijcot-v35p301.

Full text

APA, Harvard, Vancouver, ISO, and other styles

27

Arman, Molavi, and Nur Rachmat. "IMPLEMENTASI SISTEM KEAMANAN WEB SERVER MENGGUNAKAN PFSENSE." Jusikom : Jurnal Sistem Komputer Musirawas 5, no. 1 (May 31, 2020): 13–23. http://dx.doi.org/10.32767/jusikom.v5i1.752.

Full text

Abstract:

Seorang network administrator haruslah memiliki amanat dan rasa tanggung jawab terhadap network tempat dia bekerja dan mengamankan sumber daya perangkat device network sebagaimana mestinya. Kampus adalah salah satu tempat dosen, mahasiswa dan karyawan sebagai pengguna internet dan sistem informasi akademik kampus yang berbasis web. Pengguna atau user bisa menggunakan fasilitas dengan benar dan bisa pula menyalahgunakan ataupun tanpa sengaja mengganggu traffic network dan layanan sistem informasi pada kampus. Oleh karena itu, diperlukan suatu sistem dalam mengatasi dan menanggulangi penyalahgunaan kecerobohan sengaja atau tidak sengaja berupa ancaman terhadap web server. Sistem yang mendeteksi gangguan keamanan ini diimplementasikan dengan menggunakan aplikasi snort pada pfsense dan pfsense sebagai sistem operasi router yang diletakkan berhadapan dengan internet. Metode penelitian menggunakan PPDIOO sebagai metode pengembangan dalam implementasi. Berdasarkan hasil percobaan sistem snort mampu mengetahui sebagai alert dan menyimpannya di dalam log seperti serangan ping of death dan slowloris. Berdasarkan log snort pfsense mampu melakukan pemblokiran otomatis dalam durasi tertentu

APA, Harvard, Vancouver, ISO, and other styles

28

Shah, Syed Ali Raza, Biju Issac, and Seibu Mary Jacob. "Intelligent Intrusion Detection System Through Combined and Optimized Machine Learning." International Journal of Computational Intelligence and Applications 17, no. 02 (June 2018): 1850007. http://dx.doi.org/10.1142/s1469026818500074.

Full text

Abstract:

In this paper, an existing rule-based intrusion detection system (IDS) is made more intelligent through the application of machine learning. Snort was chosen as it is an open source software and though it was performing well, it showed false positives (FPs). To find the best performing machine learning algorithms (MLAs) to use with Snort so as to improve its detection, we tested some algorithms on three available datasets. Support vector machine (SVM) was chosen along with fuzzy logic and decision tree based on their accuracy. Combined versions of algorithms through ensemble SVM along with other variants were tried on the generated traffic of normal and malicious packets at 10[Formula: see text]Gbps. Optimized versions of the SVM along with firefly and ant colony optimization (ACO) were also tried, and the accuracy improved remarkably. Thus, the application of combined and optimized MLAs to Snort at 10[Formula: see text]Gbps worked quite well.

APA, Harvard, Vancouver, ISO, and other styles

29

Widodo, Rio, and Imam Riadi. "Intruder Detection Systems on Computer Networks Using Host Based Intrusion Detection System Techniques." Buletin Ilmiah Sarjana Teknik Elektro 3, no. 1 (January 13, 2021): 21. http://dx.doi.org/10.12928/biste.v3i1.1752.

Full text

Abstract:

The openness of access to information raises various problems, including maintaining the validity and integrity of data, so a network security system is needed that can deal with potential threats that can occur quickly and accurately by utilizing an IDS (intrusion detection system). One of the IDS tools that are often used is Snort which works in real-time to monitor and detect the ongoing network by providing warnings and information on potential threats in the form of DoS attacks. DoS attacks run to exhaust the packet path by requesting packets to a target in large and continuous ways which results in increased usage of CPU (central processing unit), memory, and ethernet or WiFi networks. The snort IDS implementation can help provide accurate information on network security that you want to monitor because every communication that takes place in a network, every event that occurs and potential attacks that can paralyze the internet network are monitored by snort.

APA, Harvard, Vancouver, ISO, and other styles

30

Shim, Kyu-Seok, Sung-Ho Yoon, Su-Kang Lee, Sung-Min Kim, Woo-Suk Jung, and Myung-Sup Kim. "Automatic Generation of Snort Content Rule for Network Traffic Analysis." Journal of Korean Institute of Communications and Information Sciences 40, no. 4 (April 30, 2015): 666–77. http://dx.doi.org/10.7840/kics.2015.40.4.666.

Full text

APA, Harvard, Vancouver, ISO, and other styles

31

Jia, Ling. "Campus Network Security Program Based on Snort Network Security Intrusion Detection System." Advanced Materials Research 433-440 (January 2012): 3235–40. http://dx.doi.org/10.4028/www.scientific.net/amr.433-440.3235.

Full text

Abstract:

This paper studies the security problems of campus network and summarizes the current on the current security risks and threats that campus network faces, focusing on analysis of attack-defense strategies on DOS network layer, proposing the security program of campus network which uses firewall as well as network security intrusion detection system snort. This paper analyzes the functional advantages of the program and presents in details the setup deployment and collocation methods of network security intrusion detection system based on snort in the campus network, and its application results are also summarized.

APA, Harvard, Vancouver, ISO, and other styles

32

Sampath, Nithya. "Intrusion Detection in Software Defined Networking Using Snort and Mirroring." International Journal of Psychosocial Rehabilitation 23, no. 4 (December 31, 2019): 1699–710. http://dx.doi.org/10.37200/ijpr/v23i4/pr190501.

Full text

APA, Harvard, Vancouver, ISO, and other styles

33

Erlansari, Aan, Funny Farady Coastera, and Afief Husamudin. "Early Intrusion Detection System (IDS) using Snort and Telegram approach." SISFORMA 7, no. 1 (June 10, 2020): 21. http://dx.doi.org/10.24167/sisforma.v7i1.2629.

Full text

Abstract:

Computer network security is an important factor that must be considered. Guaranteed security can avoid losses caused by attacks on the network security system. The most common prevention against network attacks is to place an administrator, but problems will arise when the administrator is not supervising the network, so to overcome these problems a system called IDS (Intrusion Detection System) can detect suspicious activity on the network through automating the work functions of an administrator. Snort is one of the software that functions to find out the intrusion. Data packets that pass through network traffic will be analyzed. Data packets detected as intrusion will trigger alerts which are then stored in log files. Thus, administrators can find out intrusions that occur on computer networks, and the existence of instant messaging applications can help administrators to get realtime notifications, one of which is using the Telegram application. The results of this study are, Snort able to detect intrusion of attacks on computer networks and the system can send alerts from snort to administrators via telegram bot in real-time.

APA, Harvard, Vancouver, ISO, and other styles

34

Park, Wonhyung, and Byeong Ho Kang. "An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System." Mobile Information Systems 2017 (2017): 1–13. http://dx.doi.org/10.1155/2017/8501976.

Full text

Abstract:

A lot of mobile applications which provided location information by using a location-based service are being developed recently. For instance, a smart phone would find my location and destination by running a program using a GPS chip in a device. However, the information leakage and the crime that misused the leaked information caused by the cyberattack of mobile information system occurred. So the interest and importance of information security are increasing. Also the number of users who has used mobile devices in Korea is increasing, and the security of mobile devices is becoming more important. Snort detection system has been used to detect and handle cyberattacks but the policy of Snort detection system is applied differently for each of the different kinds of equipment. It is expected that the security of mobile information system would be improved and information leakage would be blocked by selecting options through optimization of Snort detection policy to protect users who are using location-based service in mobile information system environment in this paper.

APA, Harvard, Vancouver, ISO, and other styles

35

Ha, Jaecheol. "Preprocessor Implementation of Open IDS Snort for Smart Manufacturing Industry Network." Journal of the Korea Institute of Information Security and Cryptology 26, no. 5 (October 31, 2016): 1313–22. http://dx.doi.org/10.13089/jkiisc.2016.26.5.1313.

Full text

APA, Harvard, Vancouver, ISO, and other styles

36

Geddes, Linda. "Snort stem cells to get them to brain." New Scientist 203, no. 2725 (September 2009): 12. http://dx.doi.org/10.1016/s0262-4079(09)62383-6.

Full text

APA, Harvard, Vancouver, ISO, and other styles

37

Marques, Oge, and Pierre Baillargeon. "Design of a multimedia traffic classifier for Snort." Information Management & Computer Security 15, no. 3 (June 12, 2007): 241–56. http://dx.doi.org/10.1108/09685220710759577.

Full text

APA, Harvard, Vancouver, ISO, and other styles

38

Aickelin, Uwe, Jamie Twycross, and Thomas Hesketh Roberts. "Rule generalisation in intrusion detection systems using SNORT." International Journal of Electronic Security and Digital Forensics 1, no. 1 (2007): 101. http://dx.doi.org/10.1504/ijesdf.2007.013596.

Full text

APA, Harvard, Vancouver, ISO, and other styles

39

Olanrewaju, Rashidah Funke, Burhan Ul Islam Khan, Athaur Rahman Najeeb, Ku Nor Afiza Ku Zahir, and Sabahat Hussain. "Snort-based Smart and Swift Intrusion Detection System." Indian Journal of Science and Technology 11, no. 4 (January 1, 2018): 1–9. http://dx.doi.org/10.17485/ijst/2018/v11i4/120917.

Full text

APA, Harvard, Vancouver, ISO, and other styles

40

Gavrilovic, Nadja, Vladimir Ciric, and Nikola Lozo. "Snort ids system visualization interface for alert analysis." Serbian Journal of Electrical Engineering 19, no. 1 (2022): 67–78. http://dx.doi.org/10.2298/sjee2201067g.

Full text

Abstract:

Over the past decades, the rapid Internet development and the growth in the number of its users have raised various security issues. Therefore, it is of great importance to ensure the security of the network in order to enable the safe exchange of confidential data, as well as their integrity. One of the most important components of network attack detection is an Intrusion Detection System (IDS). Snort IDS is a widely used intrusion detection system, which logs alerts after detecting potentially dangerous network packets. A major challenge in network monitoring is the high volume of generated IDS alerts. A necessary step in successful network protection is the analysis of the great amount of logged alerts in search of deviations from normal traffic that may indicate an intrusion. The goal of this paper is to design and implement a visualization interface for IDS alert analysis, which graphically presents alerts generated by Snort IDS. Also, the proposed system classifies the alerts according to the most important attack parameters, and allows the users to understand evolving network situations and easily detect possible traffic irregularities. An environment in which the system has been tested in real-time is described, and the results of attack detection and classification are given. One of the detected attacks is analyzed in detail, as well as the method of its detection and its possible consequences.

APA, Harvard, Vancouver, ISO, and other styles

41

Kim, Hyeong-Dong, Ki-Hyun Kim, and Jae-Cheol Ha. "Development of Intrusion Detection System for GOOSE Protocol Based on the Snort." Journal of the Korea Institute of Information Security and Cryptology 23, no. 6 (December 31, 2013): 1181–90. http://dx.doi.org/10.13089/jkiisc.2013.23.6.1181.

Full text

APA, Harvard, Vancouver, ISO, and other styles

42

Guterres, Lilia Ervina Jeronimo, and Ahmad Ashari. "THE ANALYSIS OF WEB SERVER SECURITY FOR MULTIPLE ATTACKS IN THE TIC TIMOR IP NETWORK." IJCCS (Indonesian Journal of Computing and Cybernetics Systems) 14, no. 1 (January 31, 2020): 103. http://dx.doi.org/10.22146/ijccs.53265.

Full text

Abstract:

The current technology is changing rapidly, with the significant growth of the internet technology, cyber threats are becoming challenging for IT professionals in the companies and organisations to guard their system. Especially when all the hacking tools and instructions are freely available on the Internet for beginners to learn how to hack such as stealing data and information. Tic Timor IP is one of the organisations involved and engaged in the data center operation. It often gets attacks from the outside networks. A network traffic monitoring system is fundamental to detect any unknown activities happening within a network. Port scanning is one of the first methods commonly used to attack a network by utilizing several free applications such as Angry IP Scan, Nmap and Low Orbit Ion Cannon (LOIC). On the other hand, the snort-based Intrusion Detection System (IDS) can be used to detect such attacks that occur within the network perimeter including on the web server. Based on the research result, snort has the ability to detect various types of attack including port scanning attacks and multiple snort rules can be accurately set to protect the network from any unknown threats.

APA, Harvard, Vancouver, ISO, and other styles

43

Stiawan, Deris, Dimas Wahyudi, Ahmad Heryanto, Samsuryadi Samsuryadi, Mohd Yazid Idris, Farkhana Muchtar, Mohammed Abdullah Alzahrani, and Rahmat Budiarto. "TCP FIN Flood Attack Pattern Recognition on Internet of Things with Rule Based Signature Analysis." International Journal of Online and Biomedical Engineering (iJOE) 15, no. 07 (April 15, 2019): 124. http://dx.doi.org/10.3991/ijoe.v15i07.9848.

Full text

Abstract:

<p class="0abstract">Focus of this research is TCP FIN flood attack pattern recognition in Internet of Things (IoT) network using rule based signature analysis method. Dataset is taken based on three scenario normal, attack and normal-attack. The process of identification and recognition of TCP FIN flood attack pattern is done based on observation and analysis of packet attribute from raw data (pcap) using a feature extraction and feature selection method. Further testing was conducted using snort as an IDS. The results of the confusion matrix detection rate evaluation against the snort as IDS show the average percentage of the precision level.</p>

APA, Harvard, Vancouver, ISO, and other styles

44

Lee, Hyeong-Yun, Seong-Oun Hwang, and Beongku An. "Worm Detection and Containment using Earlybird and Snort on Deterlab." Journal of the Institute of Webcasting, Internet and Telecommunication 13, no. 1 (February 28, 2013): 71–76. http://dx.doi.org/10.7236/jiibc.2013.13.1.71.

Full text

APA, Harvard, Vancouver, ISO, and other styles

45

Aprilianto, Tria, Sunu Jatmika, and Ihsan Wicaksono. "PERANCANGAN SISTEM PENDETKSI SERANGAN PADA SERVER JARINGAN KOMPUTER MENGGUNAKAN SNORT BERBASIS SMS GETEWAY." Jurnal Teknika 11, no. 1 (March 21, 2019): 1055. http://dx.doi.org/10.30736/jt.v11i1.287.

Full text

Abstract:

Server on a network becomes an important point because its function is to serve all requests required by all clients on a network. For that, maintaining the security of a server is also very important because if the server is experiencing a problem then there is no one the network can serve the request from the client. This makes a server administrator must see traffic to the server at any time. For this reason, it is important to conduct an attack detection system research in order to help the performance of administrators. Detection of attacks directed to the server is an early solution in securing a server from attack. For attack detection systems, SNORT is generally able to detect almost any attack because it has many rules that can be modified. Detection system by configuring and adding the rule first on the server. If there is an incoming attack then SNORT will compare the attack with the existing rule, SNORT will later categorize the attack into 3 types of High, Medium and Low. The design of attack detection system using SNORT and web server is planted on Raspberry Pi. Web server that is planted on Raspberry Pi as information system or container of attack records. In addition, Raspberry Pi also implemented database to store attack log which will be sent via sms gateway. The overall test results of the system built on this final project work well. The admin user can login the web server and do the user creation properly. Among the 6 rule attacks that have been implemented, all rules can read the attack accurately and able to save it into the database. From 75 attacks recorded in the database, only 80% attack detection can be displayed in the web server. And the web server is capable of sending 77.3% of attack notifications to the admin.

APA, Harvard, Vancouver, ISO, and other styles

46

Sun, Xibin, Du Zhang, Haiou Qin, and Jiahua Tang. "Bridging the Last-Mile Gap in Network Security via Generating Intrusion-Specific Detection Patterns through Machine Learning." Security and Communication Networks 2022 (February 12, 2022): 1–20. http://dx.doi.org/10.1155/2022/3990386.

Full text

Abstract:

With successful machine learning applications in many fields, researchers tried to introduce machine learning into intrusion detection systems for building classification models. Although experimental results showed that these classification models could produce higher accuracy in predicting network attacks on the offline datasets, compared with the operational intrusion detection systems, machine learning is rarely deployed in the real intrusion detection environment. This is what we call the last mile problem with the machine learning approach to network intrusion detection, the discrepancy between the strength and requirements of machine learning and network operational semantics. In this paper, we aim to bridge the aforementioned gap. In particular, an LCC-RF-RFEX feature selection approach is proposed to select optimal features of the specific type of attacks from dataset, and then, an intrusion-specific approach is introduced to convert them into detection patterns that can be used by the nonmachine-learning detector for the corresponding specific attack detection in the real-world network environment. To substantiate our approach, we take Snort, KDDCup’99 dataset, and Dos attacks as the experimental subjects to demonstrate how to close the last-mile gap. For the specific type of Dos attacks in the KDDCup’99 dataset, we use the LCC-RF-RFEX method to select optimal feature subset and utilize our intrusion-specific approach to generate new rules in Snort by using them. Comparing performance differences between the existing Snort rule set and our augmented Snort rule set with regard to Dos attacks, the experimental results showed that our approach expanded Snort’s detection capability of Dos attacks, on average, reduced up to 25.28% false-positive alerts for Teardrop attacks and Synflood attacks, and decreased up to 98.87% excessive alerts for Mail bomb attacks.

APA, Harvard, Vancouver, ISO, and other styles

47

Lee, Sung-Yun, and Ki-Yeol Ryu. "Performance Analysis of TCAM-based Jumping Window Algorithm for Snort 2.9.0." Journal of Korean Society for Internet Information 13, no. 2 (April 30, 2012): 41–49. http://dx.doi.org/10.7472/jksii.2012.13.2.41.

Full text

APA, Harvard, Vancouver, ISO, and other styles

48

Akhriana, Asmah, and Andi Irmayana. "WEB APP PENDETEKSI JENIS SERANGAN JARINGAN KOMPUTER DENGAN MEMANFAATKAN SNORT DAN LOG HONEYPOT." CCIT Journal 12, no. 1 (February 6, 2019): 85–96. http://dx.doi.org/10.33050/ccit.v12i1.604.

Full text

Abstract:

Along with the current development of Information Technology is always changing to make the security of an information is very important, especially on a network connected to the internet. But what is unfortunate is that the imbalance between each development of a technology is not accompanied by developments in the security system itself, so that there are quite a lot of systems that are still weak and have to be increased by the security wall. This study aims to design a Web-based App interface to facilitate users or administrators in securing network computers from various types of attacks. The Instrusion detection system (IDS) method is used to detect suspicious activity in a system or network using snort and honeypot. Honeypot is built on a computer along with Apache, MySQL, and Snort. Honeypot will act as a target to attract attackers and log information from the attacker and snort to apply the rules made from the web. The functional system will then be tested using the black box testing method. The results of this study concluded that Web App-based interfaces that are created can be used to help users and administrators in maintaining data and information on server computers from various types of attacks on computer networks

APA, Harvard, Vancouver, ISO, and other styles

49

Simadiputra, Vincent, and Nico Surantha. "Rasefiberry: Secure and efficient Raspberry-Pi based gateway for smarthome IoT architecture." Bulletin of Electrical Engineering and Informatics 10, no. 2 (April 1, 2021): 1035–45. http://dx.doi.org/10.11591/eei.v10i2.2741.

Full text

Abstract:

Internet-of-Things or IoT technology becomes essential in everyday lives. The risk of security and privacy towards IoT devices, especially smarthomes IoT gateway device, becoming apparent as IoT technology progressed. The need for affordable, secure smarthome gateway device or router that smarthome user prefer. The problem of low-performance smarthome gateways was running security programs on top of smarthome gateway programs. This problem motivates the researcher designing a secure and efficient smarthome gateway using Raspberry Pi hardware as an affordable smarthome gateway device and able to run both smarthome gateways and security programs. In this research, researchers implemented snort as intrusion detection system (IDS), openHab as IoT gateway applications, and well-known encryption algorithms for file encryption in Raspberry PI 3B+ model. The researcher evaluated Snort capability on network attacks and compared each of the well-known encryption algorithm efficiency. From the result, we found Rasefiberry customized snort configuration for Raspberry pi 60 percent of the simulated network attacks. Twofish encryption algorithms were found to have best encryption time, throughput, and power consumption compared to other encryption algorithms in the research. Rasefiberry architecture successfully processes both lightweight security programs and Openhab smarthome gateway programs with a lowperformance computing device such as Raspberry Pi.

APA, Harvard, Vancouver, ISO, and other styles

50

Alsafasfeh, Moath, and Abdel Ilah Alshbatat. "Configuring Snort as a Firewall on Windows 7 Environment." Journal of Ubiquitous Systems and Pervasive Networks 3, no. 2 (December 15, 2011): 73–77. http://dx.doi.org/10.5383/juspn.03.02.006.

Full text

APA, Harvard, Vancouver, ISO, and other styles

We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!