With the advent of a range of intrusion detection and prevention systems out in the market and Snort IPS standing out from others, always there have been efforts to improve upon the current scenario. Here, a novel technique that can curb many of the current Denial-of-Service attacks which usually disrupts the network connectivity by consuming a large amount of bandwidth is discussed. The Better Snort Intrusion Detection/Prevention System (BSnort) uses Aho-Corasick automaton for the deep packet inspection and makes use of the modified Snort signatures which utilizes minimum amount of CPU and memory. The BSnort stands out from other Network Intrusion Detection Systems (NIDSs) in its integrated use of anomaly detection approach to find out novel attacks using the packet header along with the use of known attack signatures for the payload to pin-point intrusions. © 2012 IEEE.
cited By (since 1996)0; Conference of org.apache.xalan.xsltc.dom.DOMAdapter@1b3021da ; Conference Date: org.apache.xalan.xsltc.dom.DOMAdapter@74fe7d27 Through org.apache.xalan.xsltc.dom.DOMAdapter@6fcac772; Conference Code:95653
Ra Padmashani, Shiju Sathyadevan, and Dath, Da, “BSnort IPS: Better snort intrusion detection/prevention system”, in International Conference on Intelligent Systems Design and Applications, ISDA, Kochi, 2012, pp. 46-51.