Friday, October 18, 2019

Analytical Research paper on IDS systems Snort vs Bro Research

Intrusion detection can be carried out automatically as well as manually (Sundaram, 1996). At present, there are a large number of intrusion detection systems (IDS). Some intrusion detection systems are available as open source, which makes it easier for organizations to adapt them to their needs. The basic objective of this research is to provide an analysis of two open source intrusion detection systems: Snort and Bro. The structure of this paper is as follows: first, an overview of intrusion detection systems is provided; the next two sections present an overview of the two IDSs; and after that a comparison of the two is presented.

Basically, an intrusion detection system is an application or device used to scrutinize all network traffic and notify the administrator or user when there has been an illegal access or access attempt. There are two major techniques of network traffic monitoring: one is anomaly-based and the other is signature-based. Depending on the application or device used, the intrusion detection system can either simply notify the administrator or user, or it can be set up to respond automatically in some way or block specific traffic (Bradley, 2015). In this scenario, anomaly-based detection compares current network traffic to a known-good baseline to look for anything out of the ordinary.

The intrusion detection system can be placed deliberately on the communication network as a network-based intrusion detection system (NIDS). A NIDS scrutinizes all of the network's traffic. It can also be installed on each individual system as a host-based intrusion detection system (HIDS), which scrutinizes traffic to and from that specific device (Bradley, 2015).
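The two monitoring techniques named above, run side by side on the same traffic, as an added example that is not part of the original paper. The signatures, the baseline of connections per minute, the threshold `k`, and the traffic records are all constructed for illustration; signature-based detection is shown in its usual sense of matching traffic against known-bad patterns.

```python
import re
from statistics import mean, stdev

# Constructed signatures: name -> byte pattern searched for in the payload.
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./\.\./"),
    "cmd-exe-request": re.compile(rb"cmd\.exe", re.I),
}

# Constructed known-good baseline: connections per minute seen from one host.
BASELINE_CONNS_PER_MIN = [12, 15, 11, 14, 13, 16, 12, 14]


def signature_alerts(payload):
    """Signature-based: flag payloads that match a known-bad pattern."""
    return sorted(name for name, pat in SIGNATURES.items() if pat.search(payload))


def anomaly_alert(observed, baseline=BASELINE_CONNS_PER_MIN, k=3.0):
    """Anomaly-based: flag a rate more than k standard deviations
    away from the mean of the known-good baseline."""
    mu, sigma = mean(baseline), stdev(baseline)
    return abs(observed - mu) > k * sigma


def inspect(event):
    """Run both techniques over one traffic record and collect the alerts."""
    alerts = ["signature:" + s for s in signature_alerts(event["payload"])]
    if anomaly_alert(event["conns_per_min"]):
        alerts.append("anomaly:connection-rate")
    return alerts


# Constructed traffic records: normal, known-bad content, abnormal volume.
EVENTS = [
    {"src": "10.0.0.5", "conns_per_min": 13, "payload": b"GET /index.html HTTP/1.1"},
    {"src": "10.0.0.7", "conns_per_min": 14, "payload": b"GET /../../etc/passwd HTTP/1.1"},
    {"src": "10.0.0.9", "conns_per_min": 240, "payload": b"GET /index.html HTTP/1.1"},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev["src"], inspect(ev) or "no alert")
```

The second record is caught only by the signature check and the third only by the baseline comparison, which is why many deployments combine the two techniques.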
Martin Roesch developed Snort, which is mainly an open source network intrusion detection system (NIDS). It is basically a packet sniffer, which is
