An Analysis of Packet Fragmentation Attacks vs. Snort Intrusion Detection System
نویسنده
چکیده
When Internet Protocol (IP) packets travel across networks, they must meet size requirements defined in the network’s Maximum Transmission Unit (MTU). If the packet is larger than the defined MTU, then it must be divided into smaller pieces, which are known as fragments. Attackers can exploit this process for their own purposes by attacking the systems. Packet fragmentation attacks have caused problems for Intrusion Detection Systems (IDSs) for years. In this paper, Snort IDS was tested. VMware virtual machines were used as both the host and victim. Other tools were also implemented in order to generate attacks against the IDS. The experiment results show the performance of Snort IDS when it was being attacked, and the ability of Snort to detect attacks in different ways.
منابع مشابه
A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
متن کاملImprovement and parallelization of Snort network intrusion detection mechanism using graphics processing unit
Nowadays, Network Intrusion Detection Systems (NIDS) are widely used to provide full security on computer networks. IDS are categorized into two primary types, including signature-based systems and anomaly-based systems. The former is more commonly used than the latter due to its lower error rate. The core of a signature-based IDS is the pattern matching. This process is inherently a computatio...
متن کاملNetwork Intrusion Detection System Using Neural Network Classification of Attack Behavior
Intrusion Detection Systems (IDS) have become a necessity in computer security systems because of the increase in unauthorized accesses and attacks. Intrusion Detection is a major component in computer security systems that can be classified as Host-based Intrusion Detection System (HIDS), which protects a certain host or system and Network-based Intrusion detection system (NIDS), which protect...
متن کاملRule-Based Network Intrusion Detection System for Port Scanning with Efficient Port Scan Detection Rules Using Snort
In the field of network security, researchers have implemented different models to secure the network. Intrusion Detection System is also one of them and Snort is an open source tool for Intrusion Detection and Prevention System. Today intrusion Detection System is a growing technology in network security and mostly researchers have focused in this field, some of them used signature or rule-bas...
متن کاملImproved Intrusion Detection System through Rule Based Approach on ICMP Protocol for Real Time Network
Abstract—In the field of network security, researchers have implemented different models to secure the network. Intrusion Detection System is also one of them and Snort is an open source tool for Intrusion Detection and Prevention System. Today intrusion Detection System is a growing technology in network security and mostly researchers have focused in this field, some of them used signature or...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012