REAL-TIME TRAFFIC DETECTION and ANALYSIS of NETWORK SECURITY INTRUSION ATTACK: SNORT INTRUSION PREVENTION SYSTEM

Cited by: 0
Author
Zhou A.L. [1]
Affiliation
[1] Yantai Vocational College, 2-20, Dongxing Street, Zhifu District, Yantai, 264000, Shandong
Source
Telecommunications and Radio Engineering (English translation of Elektrosvyaz and Radiotekhnika) | 2020 / Vol. 79 / No. 12
Keywords
AC algorithm; Network security; Pattern matching; Snort system; Traffic detection
DOI
10.1615/TelecomRadEng.v79.i12.30
Abstract
Intrusion detection is very important for network security. In this study, the structure and design of the Snort system were introduced briefly, and the data acquisition capability was then improved through a third-party interface. For intrusion detection, the pattern matching algorithm was improved to raise the detection effect of the system. The experimental results showed that the data packet capture ability of the improved system was significantly better, with a packet loss rate 97.41% lower than that of the ordinary system; in intrusion detection, the detection efficiency was kept at 75 M/s, which was significantly higher than that of other algorithms; for 20 attack traffic, the improved system could raise all alarms, and the maximum response time was only 0.3 s. The experimental results show that the improved Snort system is effective in intrusion prevention and is worth using widely in practice. ©2020 by Begell House
Pages: 1055-1062
Page count: 7