A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC)

Jaw, Ebrima; Wang, Xueming

doi:10.7717/peerj-cs.900

Cited by 6 publications

(1 citation statement)

References 65 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, it has a unique feature of high detection rate and accuracy. However, it cannot detect novel attacks and, at the same time, it requires expert knowledge to create and update rules frequently, which is both costly and faulty [18].…”

Section: Snort Stagementioning

confidence: 99%

Implementation of signature-based intrusion detection system using SNORT to prevent threats in network servers

2022

joscex

View full text Add to dashboard Cite

Security is an important factor in today's digital era. In a network, implementing a security system is the focus of a network developer. One of the most basic network securities is in the form of access. To manage the security of a system must be known in advance who is involved in the system and what activities are carried out. Just like a security alarm, which monitors work conditions, this is the function of the Intrusion Detection System (IDS). IDS has several effective methods for detecting threats, one of which is the Signature-based method. IDS can be implemented through the open-source SNORT application, and the method works with rules which are commands to IDS to recognize various attacks. IDS rules will be included in the signature matching process, which means matching between rules and incoming attacks and views of both protocols, then the IDS will generate alerts that contain notifications. This study conducted a reading of the MIT-DARPA 1999 dataset on 1,252,412 packages and tested alerting with Network Scanning and DoS attacks. Analyze Package Data runs at a speed of 83,494 packets /second and gets a true positive percentage reaching 100% and an accuracy of 98.10%.

show abstract

Section: Snort Stagementioning

confidence: 99%

Implementation of signature-based intrusion detection system using SNORT to prevent threats in network servers

2022

joscex

View full text Add to dashboard Cite

show abstract

An Intrusion Detection System and Attack Intension Used in Network Forensic Exploration

Chatterjee,

Pattnaik,

Satpathy

2023

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

A Rule Generation Method With High Understandability Against Obfuscated Attack Patterns in Log4Shell for IPS and IDS Based on Given Obfuscation Techniques

Yamamoto,

Yamaguchi

2023

2023 IEEE 12th Global Conference on Consumer Electronics (GCCE)

View full text Add to dashboard Cite

A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC)

Cited by 6 publications

References 65 publications

Implementation of signature-based intrusion detection system using SNORT to prevent threats in network servers

Implementation of signature-based intrusion detection system using SNORT to prevent threats in network servers

An Intrusion Detection System and Attack Intension Used in Network Forensic Exploration

A Rule Generation Method With High Understandability Against Obfuscated Attack Patterns in Log4Shell for IPS and IDS Based on Given Obfuscation Techniques

Contact Info

Product

Resources

About