Managing Vulnerabilities in a Networked System
Intrusion detection systems are not easily constructed or maintained due to the almost daily evolution of network traffic and known exploits. The research in this paper evaluates it through analysis of the documentation published for the University Network as well as experimentation using different rule customizations.
Snort is selected because of its price and easy customization through the manipulation of its rules files. This shows that this benchmarking system can be easily manipulated. Developers looking to enhance performance can alter their rules files to better detect attacks. This system can be manipulated to produce better results, and thus becomes less a test of developers testing their true systems and more a test of how well developers can interpret the testing data.
The research in this project shows that benchmarking the intrusion detections systems cannot be carried out effectively at this time. Unless we develop a more advanced artificial intelligence and data mining technique, it will be very hard to evaluate the intrusion detection systems. The amount of customization that goes into effectively using one, as well as the ever-changing number of viable network exploits makes it impossible at this time.
Keywords: Vulnerabilities, Snort, security, Threats, IDS/IPS, History.
Download Full-Text
ABOUT THE AUTHORS
Muhammad Ali
Received his Master’s in Communication Systems & Networks from Mehran University of Engineering & Technology, Sindh, Pakistan in 2007. He has been working as a System Engineer in information communication department of Mehran University from 2004 to 2009 and is currently working as a Lecturer in Northern Borders University Saudi Arabia in the Department of Computer Science. His research interests include Network securities, Wireless Networks, & Cloud Computing.
Jamshed Mustafa
received the Master degree in Electrical Engineer from University Of Detroit Mercy, Detroit Michigan USA in 1991. He is working in Northern Border University Saudi Arabia in department of Electrical Engineering as Lecturer. His research interests include Computer networks, Network security and Wireless networks.
Mahera Erum Baloch
received her Master’s degree in Communication Systems & Networks from Mehran University of Engineering & Technology, Jamshoro, Pakistan, in 2011. She is currently studying towards a PhD degree in Computer Engineering at the University of Duisburg-Essen, Germany. Her research interests include Distributed & Parallel Computing, Performance Analysis & Evaluation techniques, Computer Supported Collaborative Work, & Artificial Intelligence.
Muhammad Ali
Received his Master’s in Communication Systems & Networks from Mehran University of Engineering & Technology, Sindh, Pakistan in 2007. He has been working as a System Engineer in information communication department of Mehran University from 2004 to 2009 and is currently working as a Lecturer in Northern Borders University Saudi Arabia in the Department of Computer Science. His research interests include Network securities, Wireless Networks, & Cloud Computing.
Jamshed Mustafa
received the Master degree in Electrical Engineer from University Of Detroit Mercy, Detroit Michigan USA in 1991. He is working in Northern Border University Saudi Arabia in department of Electrical Engineering as Lecturer. His research interests include Computer networks, Network security and Wireless networks.
Mahera Erum Baloch
received her Master’s degree in Communication Systems & Networks from Mehran University of Engineering & Technology, Jamshoro, Pakistan, in 2011. She is currently studying towards a PhD degree in Computer Engineering at the University of Duisburg-Essen, Germany. Her research interests include Distributed & Parallel Computing, Performance Analysis & Evaluation techniques, Computer Supported Collaborative Work, & Artificial Intelligence.
