Evaluation of Intrusion Detection Systems under Denial of Service Attack in virtual Environment
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.
2017 (English). Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis
Abstract [en]

Context. Intrusion detection systems are widely used for detecting malicious traffic in many industries, and they use a variety of technologies. Each IDS has a different architecture and is deployed for detecting malicious activity. An intrusion detection system has a different set of rules, which can be defined based on requirements. Therefore, choosing an intrusion detection system for the appropriate environment is not an easy task.

Objectives. The goal of this research is to evaluate the three most used open source intrusion detection systems in terms of performance. We also give details about the different types of attacks that can be detected using an intrusion detection system. The tools that we selected are Snort, Suricata and OSSEC.

Methods. The experiment is conducted using TCP, SCAN, ICMP and FTP attacks. Each experiment was run at different traffic rates under normal and malicious traffic with all rules active. All these tests are conducted in a virtual environment.

Results. We can calculate the performance of an IDS by using CPU usage, memory usage, packet loss and the number of alerts generated. These results are calculated for both normal and malicious traffic.

Conclusions. We conclude that results vary between IDSs for different traffic rates. In particular, Snort showed better performance in alert identification and OSSEC in the performance of the IDS. These results indicate that alerts are low when the traffic rates are high, which indicates that this is due to packet loss. Overall, OSSEC provides better performance, and Snort provides better performance and accuracy for alert detection.

Place, publisher, year, edition, pages
2017. , p. 57
Keywords [en]
snort, suricata, ossec, intrusion detection system
HSV category
Identifiers
URN: urn:nbn:se:bth-15796; OAI: oai:DiVA.org:bth-15796; DiVA, id: diva2:1176622
Subject / course
DV2572 Master's Thesis in Computer Science
Educational program
Civil Engineer in software Engineering
Presentation
2017-05-31, 13:00, Blekinge Tekniska Högskola, 371 79 Karlskrona, karlskrona, 19:18 (English)
Examiner
Available from: 2018-01-24 Created: 2018-01-22 Last updated: 2018-01-24. Bibliographically approved

Open Access in DiVA

fulltext (845 kB), 620 downloads
File information
File: FULLTEXT02.pdf; File size: 845 kB; Checksum SHA-512:
194f28ddd4f18a906c252d65fdfa9c2bc59ce61c512d4e983291b4eee9a5943b82fec40440fab4645ea58862b65201a82fb3ba2b069936acbe50b31109afb8ca
Type: fulltext; Mimetype: application/pdf

By author/editor
nagadevara, venkatesh