Study and Deployment of an Intrusion Detection System
Date
2022
Publisher
Faculty of sciences
Abstract
The Internet has caused a great technological revolution in the exchange of information,
knowledge and science, which has made its use inevitable in personal and professional
life, and people's fate has become hostage to this network. This necessity has led some to
exploit it illegally through espionage, extortion, sabotage, data theft, and so on, which has led to the
emergence of protection methods such as antivirus systems, firewalls, security technologies,
passwords, encryption systems, and other means of protection.
All of these security systems had loopholes that were exploited by hackers. This
prompted researchers to invent intrusion detection systems, which corrected many of the
shortcomings of previous solutions. It should be noted that there are several types of intrusion
detection systems: some are based on the scenario approach, such as the Snort IDS, and
others are based on the behavioral approach of users and applications.
In our project, we installed and configured the Snort intrusion detection system, which is
considered to be one of the leading systems in the intrusion detection field. We also installed
Splunk, graphical display and management software for easy reading and analysis of the alarms
and logs that Snort generates, as well as PulledPork, a tool used for automatic management of
Snort rules.
With the advances in attack techniques and their viciousness, the question we ask ourselves
is whether Snort is still viable as an intrusion detection system or whether it is an obsolete tool that can
no longer handle the latest attack developments.