Defending against bruteforc attack using open source — SNORT

Bharati, Manisha; Tamane, Sharvari

doi:10.1109/icici.2017.8365267

Cited by 3 publications

(1 citation statement)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Brute force attacks Brute force attacks involve a variety of hacking techniques that employ password guessing to gain access to a system. Numerous amounts of passwords or passphrases are submitted by the attacker in the anticipation of accurately guessing it [Bharati, et al, 2017].…”

Section: Performance Evaluation Metrics and Confusion Matrixmentioning

confidence: 99%

An Empirical Investigation on Snort NIDS versus Supervised Machine Learning Classifiers

Abdulrezzak¹,

Sabir²

2023

jcoeng

View full text Add to dashboard Cite

With the vast usage of network services, Security became an important issue for all network types. Various techniques emerged to grant network security; among them is Network Intrusion Detection System (NIDS). Many extant NIDSs actively work against various intrusions, but there are still a number of performance issues including high false alarm rates, and numerous undetected attacks. To keep up with these attacks, some of the academic researchers turned towards machine learning (ML) techniques to create software that automatically predict intrusive and abnormal traffic, another approach is to utilize ML algorithms in enhancing Traditional NIDSs which is a more feasible solution since they are widely spread. To upgrade the detection rates of current NIDSs, thorough analyses are essential to identify where ML predictors outperform them. The first step is to provide assessment of most used NIDS worldwide, Snort, and comparing its performance with ML classifiers. This paper provides an empirical study to evaluate performance of Snort and four supervised ML classifiers, KNN, Decision Tree, Bayesian net and Naïve Bays against network attacks, probing, Brute force and DoS. By measuring Snort metric, True Alarm Rate, F-measure, Precision and Accuracy and compares them with the same metrics conducted from applying ML algorithms using Weka tool. ML classifiers show an elevated performance with over 99% correctly classified instances for most algorithms, While Snort intrusion detection system shows a degraded classification of about 25% correctly classified instances, hence identifying Snort weaknesses towards certain attack types and giving leads on how to overcome those weaknesses. es.

show abstract

Section: Performance Evaluation Metrics and Confusion Matrixmentioning

confidence: 99%