CFP last date
20 January 2025
Reseach Article

Implementation of Intrusion Detection System (IDS) and Snort Community Rules to Detect Types of Network Attacks

by Tri Widodo, Adam Sekti Aji
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 183 - Number 42
Year of Publication: 2021
Authors: Tri Widodo, Adam Sekti Aji
10.5120/ijca2021921821

Tri Widodo, Adam Sekti Aji . Implementation of Intrusion Detection System (IDS) and Snort Community Rules to Detect Types of Network Attacks. International Journal of Computer Applications. 183, 42 ( Dec 2021), 30-35. DOI=10.5120/ijca2021921821

@article{ 10.5120/ijca2021921821,
author = { Tri Widodo, Adam Sekti Aji },
title = { Implementation of Intrusion Detection System (IDS) and Snort Community Rules to Detect Types of Network Attacks },
journal = { International Journal of Computer Applications },
issue_date = { Dec 2021 },
volume = { 183 },
number = { 42 },
month = { Dec },
year = { 2021 },
issn = { 0975-8887 },
pages = { 30-35 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume183/number42/32212-2021921821/ },
doi = { 10.5120/ijca2021921821 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:19:28.328971+05:30
%A Tri Widodo
%A Adam Sekti Aji
%T Implementation of Intrusion Detection System (IDS) and Snort Community Rules to Detect Types of Network Attacks
%J International Journal of Computer Applications
%@ 0975-8887
%V 183
%N 42
%P 30-35
%D 2021
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered. Administrators can certainly implement firewalls on managed networks, but not necessarily implement IDS. IDS has a detection function, so administrators will get notifications when there are activities that are prohibited based on IDS rules. IDS rules can be set by the administrator from scratch, one by one, but administrators can also use IDS rules provided by some security sites. In this study, a network topology that is integrated with IDS will be used and implemented various rules on the IDS. The operating system used is Ubuntu and the IDS used is Snort. The IDS rules are taken from the community rules on www.snort.org. Based on the tests and simulations on the IDS, the conclusions are: IDS is effective in detecting the activity of network attacks aimed at the server and Community rules provided by the official Snort website contain rules that can be used to anticipate network attacks. Further research is expected to be able to collaborate on network security applications with artificial intelligence or machine learning applications. Research that combines computer network security applications and artificial intelligence or machine learning can improve computer network security because it is able to analyze computer network attacks or malware based on certain patterns

References
  1. Lutkevich, B. (2021, October 7). What is An Intrusion Detection System (IDS)? Definition from Searchsecurity. SearchSecurity. Retrieved November 9, 2021, from https://searchsecurity.techtarget.com/definition/intrusion-detection-system
  2. Suhartono, S., & Patta, A. R. (2017). Admin Server Network Security System with The Snort Intrusion Detection System (IDS) Method Using the ClearOS Operating System. Teknologi Elekterika Journal, 14(2), 145. https://doi.org/10.31963/elekterika.v14i2.1220
  3. Jacob, N.M, & Wanjala, M.Y. (2017). A Review of Intrusion Detection Systems. Global Journal of Computer Science and Technology, 17(3), 10.
  4. Tasneem, A., Kumar, A., & Sharma, S. (2018). Intrusion Detection Prevention System Using Snort. International Journal of Computer Applications, 181(32), 21–24. https://doi.org/10.5120/ijca2018918280
  5. Sandi, D. V., & Arrofiq, M. (2018). Implementation of Snort-Based NIDS analysis with the Fuzy Method To Overcome Lorawan Attacks. RESTI Journal (Rekayasa Sistem Dan Teknologi Informasi), 2(3), 685–696. https://doi.org/10.29207/resti.v2i3.504
  6. Alamsyah, H., -, R., & Al Akbar, A. (2020). Network Security Analysis Using a Network Intrusion Detection and Prevention System. JOINTECS (Journal of Information Technology and Computer Science), 5(1), 17. https://doi.org/10.31328/jointecs.v5i1.1240
  7. Ardiyasa, I. W. (2019). Forensic Network Analysis Application for Attack Analysis on Syslog Server. RESEARCH: Computer, Information System & Technology Management, 2(2), 59. https://doi.org/10.25273/research.v2i02.5220
  8. Lukman, L., & Suci, M. (2020). Comparative Analysis of the Performance of Snort and Suricata as an Intrusion Detection System in Detecting SYN Flood Attacks on the Apache Web Server. Respati, 15(2), 6. https://doi.org/10.35842/jtir.v15i2.343
  9. Purba, W. W., & Efendi, R. (2021). Design and Analysis of Computer Network Security Systems Using Snort. AITI, 17(2), 143–158. https://doi.org/10.24246/aiti.v17i2.143-158
  10. Erlansari, A., Coastera, F. F., & Husamudin, A. (2020). Early Intrusion Detection System (IDS) Using Snort and Telegram Approach. SISFORMA, 7(1), 21. https://doi.org/10.24167/sisforma.v7i1.2629
  11. Khamphakdee, N., Benjamas, N., & Saiyod, S. (2015). Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining. Journal of ICT Research and Applications, 8(3), 234–250. https://doi.org/10.5614/itbj.ict.res.appl.2015.8.3.4
  12. Snort rules and IDS software download. (n.d.). Retrieved November 9, 2021, from https://www.snort.org/downloads.
Index Terms

Computer Science
Information Sciences

Keywords

Keywords Intrusion detection system (IDS) Snort Community Rule Network Attack