Publication Type : Conference Paper
Thematic Areas : Amrita Center for Cybersecurity Systems and Networks
Publisher : ISDA
Source : International Conference on Intelligent Systems Design and Applications, ISDA, Kochi, p.46-51 (2012)
Keywords : Automata theory, Boyer-Moore, BSnort, Hping, Intelligent systems, Intrusion detection, Network security, Signatures, Snort, Systems analysis
Campus : Amritapuri
School : School of Engineering
Center : Cyber Security
Department : Computer Science
Year : 2012
Abstract : With the advent of a range of intrusion detection and prevention systems out in the market and Snort IPS standing out from others, always there have been efforts to improve upon the current scenario. Here, a novel technique that can curb many of the current Denial-of-Service attacks which usually disrupts the network connectivity by consuming a large amount of bandwidth is discussed. The Better Snort Intrusion Detection/Prevention System (BSnort) uses Aho-Corasick automaton for the deep packet inspection and makes use of the modified Snort signatures which utilizes minimum amount of CPU and memory. The BSnort stands out from other Network Intrusion Detection Systems (NIDSs) in its integrated use of anomaly detection approach to find out novel attacks using the packet header along with the use of known attack signatures for the payload to pin-point intrusions. © 2012 IEEE.
Cite this Research Publication : Ra Padmashani, Shiju Sathyadevan, and Dath, Da, “BSnort IPS: Better snort intrusion detection/prevention system”, in International Conference on Intelligent Systems Design and Applications, ISDA, Kochi, 2012, pp. 46-51.