دراسة ومقارنة أنظمة كشف الاختراقات المفتوحة المصدر

Authors

  • بشرى ديوب

Abstract

ظهرت أنظمة كشف الاختراقات Intrusion Detection Systems IDS، من أجل زيادة وتطوير الأمن في الشبكات، وأصبحت فعالة لحماية الشبكات الداخلية internal networks من الهجمات الخارجية، واتخاذ الإجراءات المناسبة ضد المخترقين intruders. كما تستخدم أنظمة كشف الاختراق تقنيات من أجل جمع معلومات عن الهجوم، ومن الممكن استخدام هذه المعلومات كدليل ضد المهاجم. تستخدم أنظمة كشف الاختراقات طرائق مختلفة في عملية الكشف، فبعضها يستخدم التواقيع في الكشف signature based، وبعضها يكشف الشذوذ anomaly based، وغيرها من الطرائق. يقارن هذا البحث التقنيات المستخدمة في أنظمة كشف الاختراق، ويركز على الأنظمة التي تستخدم التواقيع في عملية الكشف، وبالأخص النظامين snort وBro، وهما من الأنظمة المفتوحة المصدر open source، ومقارنة الإنذارات التي يطلقها النظامان عند تطبيق أداة توليد الهجمات IDSWakeup. With the recent advances in the field of network security, a technique called Intrusion Detection System IDS is developed to further enhance and make network secure. It is a way by which we can protect our internal network from outside attack, and can take appropriate action if needed. Using intrusion detection methods, information can be collected from known types of attack and can be used to detect if someone is trying to attack the network. Many techniques are there to detect intrusion in a network like signature matching, anomaly based and others. The work presented here studies and compares the techniques used by intrusion detection systems, and focuses on the signature matching technique. It discusses the open source, free intrusion detection system Snort. Another open source intrusion detection system Bro is also discussed. It compares these systems alarms against the open source tool IDSWakeup.

Downloads

Published

2016-11-28

How to Cite

1.
ديوب ب. دراسة ومقارنة أنظمة كشف الاختراقات المفتوحة المصدر. Tuj-eng [Internet]. 2016Nov.28 [cited 2024Apr.26];37(5). Available from: https://journal.tishreen.edu.sy/index.php/engscnc/article/view/2232

Issue

Vol. 37 No. 5 (2015): العلوم الهندسية

Section

Articles

License

Copyright (c) 2016 ttps://creativecommons.org/licenses/by-nc-sa/4.0/

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

The authors retain the copyright and grant the right to publish in the magazine for the first time with the transfer of the commercial right to Tishreen University Journal for Research and Scientific Studies - Engineering Sciences Series

 Under a CC BY- NC-SA 04 license that allows others to share the work with of the work's authorship and initial publication in this journal. Authors can use a copy of their articles in their scientific activity, and on their scientific websites, provided that the place of publication is indicted in  Tishreen University Journal for Research and Scientific Studies - Engineering Sciences Series   .  The Readers have the right to send, print and subscribe to the initial version of the article, and the title of  Tishreen University Journal for Research and Scientific Studies - Engineering Sciences Series     Publisher

journal uses a CC BY-NC-SA license which mean

You are free to:

  • Adapt — remix, transform, and build upon the material
  •  
  • The licensor cannot revoke these freedoms as long as you follow the license terms.

 

  • Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
  • NonCommercial — You may not use the material for commercial purposes.
  • ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
  • No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.