Aanya Menon
Independent Researcher
India
Abstract
Intrusion Detection Systems (IDS) play a critical role in network security by monitoring and analyzing network traffic to detect malicious activities. Among various IDS solutions, Snort has emerged as a widely adopted open-source network intrusion detection and prevention system due to its versatility, performance, and community support. This manuscript presents a comprehensive study on the design and implementation of an IDS using the Snort framework, focusing on its architecture, rule-based detection methodology, and performance evaluation in detecting common network attacks. The study demonstrates the effectiveness of Snort in real-time packet analysis, alert generation, and proactive security enforcement, confirming its suitability for integration into enterprise networks. Experimental results validate the capability of Snort to detect various attacks with high accuracy while maintaining manageable system overhead.
Keywords
Intrusion Detection System, Snort, Network Security, Rule-Based Detection, Packet Analysis, Open-Source IDS