Heuristic-based Intrusion Detection Functionality in a Snort Environment

Publication Type:

Journal Article

Source:

Information & Security: An International Journal, Volume 50, Issue 1, p.23-36 (2021)

Keywords:

Cybersecurity, heuristic algorithm, intrusion detection, network attack

Abstract:

<p style="margin-left:19.85pt;">This article provides an introduction to intrusion detection systems, focusing on extending the Snort environment&rsquo;s functionalities by adding a new heuristic detection algorithm. The algorithm allows to detect selected types of cyberattacks through analysis of received packets and based on a list of malicious Internet Protocol addresses. Furthermore, the algorithm underwent functional verification. The results confirmed that the algorithm successfully detects the packets originating from the provided list and rates them accordingly.</p>