Abstract
The recent surge in cyberattacks should not be taken lightly, especially by large enterprises with sensitive data. Intrusion Detection Systems (IDS) are becoming a critical component for detecting network anomalies. One such network anomaly detection tool is SNORT, with a BASE (Basic Analysis and Security Engine) frontend for efficient data processing. Acting as a bridge between SNORT and BASE, the author uses barnyard2 as a backend to store logs obtained from SNORT into the database. The implementation methodology used in this research is an experimental approach, where the authors conduct experiments through trial and error to achieve the desired results. This IDS system was tested using two types of attacks, namely DDoS and SQL-Injection. The DDoS attack trial uses tools found in Kali Linux, namely Hping3 with 6 scenarios namely FIN, ACK, RST, UDP, SYN, and ICMP with the results detected in the snort database. SQL-Injection attack test using the DVWA vulnerable website with the result detected in the snort database when the attack is carried out. This proves that the accuracy level of the system reaches close to 100% with the rules given and the penetration testing given.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: International Journal of Computer and Information System (IJCIS)
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.