Indian Journal of Science and Technology

The PDF file you selected should load here if your Web browser has a PDF reader plug-in installed (for example, a recent version of Adobe Acrobat Reader).

If you would like more information about how to print, save, and work with PDFs, Highwire Press provides a helpful Frequently Asked Questions about PDFs.

Alternatively, you can download the PDF file directly to your computer, from where it can be opened using a PDF reader. To download the PDF, click the Download link above.

Fullscreen Fullscreen Off


Objectives: To assess various Intrusion Detection Systems (IDS) against various types of attacks in different environments like Web, Enterprise, Cloud, etc. and to propose architecture for improving the Snort based IDS performance during typical attacks. Methods: Analytical approach was used to survey various research papers in this field of research. Findings: In this research, various approaches of IDS were analysed in various aspects like Detection Accuracy, False Alarm Rate, Scalability and Capability of detecting unknown attacks. Some approaches focused on particular type of issues while ignoring the others. This lead to performance degrading in several cases which is not tolerable in real time scenarios. Improvements: Among various studied approaches, we chose Snort based IDS to improve its performance in order to deploy in enterprise networks. Being an Open Source Software, Snort gives the flexibility to improve its functionality. We propose architecture to improve Snort's detection rate and to reduce the packet drops during critical attacks like Port Scanning, DoS, DDoS Attacks, etc.

Keywords

Attacks, DoS Attacks, DDoS Attacks, Detection Accuracy, False Alarm Rate, Intrusion Detection System, Open Source Software, Port Scanning Attacks, Snort, Scalability.
User