Visible to the public Biblio

Filters: Keyword is signature based detection method  [Clear All Filters]
2020-12-01
Hendrawan, H., Sukarno, P., Nugroho, M. A..  2019.  Quality of Service (QoS) Comparison Analysis of Snort IDS and Bro IDS Application in Software Define Network (SDN) Architecture. 2019 7th International Conference on Information and Communication Technology (ICoICT). :1—7.

Intrusion Detection system (IDS) was an application which was aimed to monitor network activity or system and it could find if there was a dangerous operation. Implementation of IDS on Software Define Network architecture (SDN) has drawbacks. IDS on SDN architecture might decreasing network Quality of Service (QoS). So the network could not provide services to the existing network traffic. Throughput, delay and packet loss were important parameters of QoS measurement. Snort IDS and bro IDS were tools in the application of IDS on the network. Both had differences, one of which was found in the detection method. Snort IDS used a signature based detection method while bro IDS used an anomaly based detection method. The difference between them had effects in handling the network traffic through it. In this research, we compared both tools. This comparison are done with testing parameters such as throughput, delay, packet loss, CPU usage, and memory usage. From this test, it was found that bro outperform snort IDS for throughput, delay , and packet loss parameters. However, CPU usage and memory usage on bro requires higher resource than snort.

2020-09-18
Tanrıverdi, Mustafa, Tekerek, Adem.  2019.  Implementation of Blockchain Based Distributed Web Attack Detection Application. 2019 1st International Informatics and Software Engineering Conference (UBMYK). :1—6.
In last decades' web application security has become one of the most important case study of information security studies. Business processes are transferred to web platforms. So web application usage is increased very fast. Web-based attacks have also increased due to the increased use of web applications. In order to ensure the security of web applications, intrusion detection and prevention systems and web application firewalls are used against web based attacks. Blockchain technology, which has become popular in recent years, enables reliable and transparent sharing of data with all stakeholders. In this study, in order to detect web-based attacks, a blockchain based web attack detection model that uses the signature based detection method is proposed. The signature based detection refers to the detection of attacks by looking for specific patterns against known web based attack types, such as Structured Query Language (SQL) Injection, Cross Site Scripting (XSS), Command Injection. Three web servers were used for the experimental study. A blockchain node has been installed with the MultiChain application for each server. Attacks on web applications are detected using the signature list found in the web application as well as detected using the signature list updated on the blockchain. According to the experimental results, the attacks signature detected and defined by a web application are updated in the blockchain lists and used by all web applications.