Abstract
Anomaly detection has been considered as a critical problem in any application area. In computer networks, anomaly detection is important as any kind of abnormal behavior in the network data is considered harmful to the end user. Snort is an open source NIDS tool that uses misuse detection method for intrusion detection. There are many pre-processor and detection plug-ins for Snort. Pre-processor plug-ins is meant to process the packet captured but some are meant for detection of anomalies also. Hence we are implementing a pre-processor plug-in for Snort meant for anomaly detection approach using the machine learning algorithm support vector machine and integrating into Snort. The anomalies detected by the plug-in are new compared with the anomalies detected by the available pre-processor plug-ins. Also we created an intrusion detection dataset which is important for any process using the machine learning algorithms. The detection rate of the plug-in is high and the false alarm rate is low which is very important for any anomaly detection system. Hence integrating this plug-in into Snort helps to improve the detection rate of the plug-ins that can be run in packet sniffer mode.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
