IMPLEMENTATION OF A SIGNATURE-BASED IDS USING SNORT FOR NETWORK SECURITY
Publisher
Universiti Malaysia Sarawak
Description
This project focuses on implementing a signature-based Intrusion Detection System (IDS) using Snort in a Linux-based environment to enhance network security through real-time detection of cyber threats. Custom Snort rules are designed to detect Denial of Service (DoS), port scanning, and SQL injection attacks effectively. The project integrates a Python-based machine learning module that analyzes Snort alert logs to improve detection accuracy and reduce false positives. By simulating attacks from an attacker virtual machine, the system’s performance in identifying threats is evaluated based on accuracy, response time, and classification metrics. The methodology used is the Design Science Research Methodology (DSRM), which guides the development, implementation, and evaluation of the system. This project provides practical experience in deploying an IDS, crafting detection rules, and applying intelligent analysis to enhance threat identification. The system aims to deliver reliable intrusion alerts while minimizing administrative burden, contributing to stronger and more accurate network monitoring solutions in modern cybersecurity environments.
