- مبلغ: ۸۶,۰۰۰ تومان
- مبلغ: ۹۱,۰۰۰ تومان
Nowadays, Denial of Service (DoS) attacks have become a major security threat to networks and the Internet. Therefore, even a naive hacker can launch a large-scale DoS attack to the victim from providing Internet services. This article deals with the evaluation of the Snort IDS in terms of packet processing performance and detection. This work describes the aspect involved in building campus network security system and then evaluates the campus network security risks and threats, mainly analyses the attacks DoS and DDoS, and puts forward new approach for Snort campus network security solutions. The objective is to analyze the functional advantages of the solution, deployment and configuration of the open source based on Snort intrusion detection system. The evaluation metrics are defined using Snort namely comparison between basic rules with new ones, available bandwidth, CPU loading and memory usage.
Denial of service attacks and specially Distributed Denial of service attack are hazardous for the internet and web services. According to the surveys, the percentage of attacks is at exponential rise with new and sophisticated techniques. This is a problem when security students are exposed to several DoS and DDoS tools on offensive techniques, it is necessary that students know how to attack and anatomize offensive techniques to truly understand how to defend networks and computer systems, and strengthen their security skills. This research aimed at evaluating some defense methods against DoS and DDoS attacks executed using LOIC and Slowloris, pointing out which one is the most effective. This tool supports three different types of attack. The only difference between them is the protocol used to send messages to the targets, where TCP, UDP or HTTP can be selected. The second sub question was answered by showing that SNORT, which is currently one of the most used network intrusion detection systems, has already rule sets available to protect against DDoS attacks executed using LOIC or Slowloris but with our new rules, the detection rate has improved approximately 43.95%. Nevertheless, in this research only SNORT was tested. There are several other intrusion detection systems, which could be used against LOIC or Slowloris. Their effectiveness has to be ascertained as well.