Intrusion Detection System (IDS) : Investigating Snort Performance in Windows and Ubuntu due to Flooding Attack
Keywords:Intrusion Detection System, Snort, GNS3, performance analysis, flooding attack
Intrusion detection is an important technology that can help in managing threats and
vulnerabilities in this changing environment. Computer technology is more and more ubiquitous,
the penetration of computer in society is a welcome step towards modernization but society needs
to be better equipped with challenges associated with technology. Thus, with the help of intrusion
detection system (IDS) that can be used to monitor network for any attack and intrusion, it can
reduce the security issues and help people to curb with the advance threat. This project aims to
provide insight to small organization, employee and student to have a secure environment in their
personal computer. The objectives of this project is to set up an isolate local area network (LAN)
to imitate a real network environment using Graphical Network Simulator-3 (GNS3) and to create
the scenario for analyzing Snort IDS performance in Windows and Ubuntu due to flooding attack.
Basically, this project uses a router in GNS3 that can act as a real router. The IDS was
implemented on the PC1 while PC2 acts as an attacker that send a flooding attack to PC 1. The
timer was set for 2 minutes and the performance was analyzed based on drop packet and
throughput. The result shows that the performance of Snort is better in Ubuntu compared to
Windows in term of its drop packet and throughput.
How to Cite
Copyright (c) 2018 Journal of Computing Research and Innovation
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.