Intrusion Detection System (IDS) : Investigating Snort Performance in Windows and Ubuntu due to Flooding Attack

Authors

  • Abidah Mat Taib Universiti Teknologi MARA, Perlis Branch, Arau Campus
  • Nur Syahirah Shayuthi Universiti Teknologi MARA, Perlis Branch, Arau Campus

Keywords:

Intrusion Detection System, Snort, GNS3, performance analysis, flooding attack

Abstract

Intrusion detection is an important technology that can help in managing threats and
vulnerabilities in this changing environment. Computer technology is increasingly ubiquitous;
the penetration of computers into society is a welcome step towards modernization, but society
needs to be better equipped for the challenges associated with technology. Thus, an intrusion
detection system (IDS), which can be used to monitor a network for attacks and intrusions, can
reduce security issues and help people cope with advanced threats. This project aims to
provide insight to small organizations, employees and students on having a secure environment on
their personal computers. The objectives of this project are to set up an isolated local area
network (LAN) that imitates a real network environment using Graphical Network Simulator-3 (GNS3)
and to create a scenario for analyzing Snort IDS performance on Windows and Ubuntu under a
flooding attack. The project uses a router in GNS3 that can act as a real router. The IDS was
implemented on PC1, while PC2 acts as an attacker that sends a flooding attack to PC1. The
timer was set for 2 minutes and the performance was analyzed based on dropped packets and
throughput. The results show that Snort performs better on Ubuntu than on Windows in terms of
dropped packets and throughput.

Published

2017-06-30

How to Cite

Mat Taib, A., & Shayuthi, N. S. (2017). Intrusion Detection System (IDS) : Investigating Snort Performance in Windows and Ubuntu due to Flooding Attack. Journal of Computing Research and Innovation, 2(2), 18–25. Retrieved from //crinn.conferencehunter.com/index.php/jcrinn/article/view/37

Section

General Computing