Utilizing Instant Messaging for Real-Time Notification and Information Retrieval of Snort Intrusion Detection System

Keywords: Intrusion Detection System; Snort; Real-time Notification; Instant Messaging; Command Line Interface

ABSTRACT

Snort is widely used Intrusion Detection System (IDS) software for detecting security incidents on the network. Snort alerts are stored in a database that can be accessed through additional interfaces such as the BASE web application. That architecture should be checked periodically to avoid missing an attack. Even so, an attack may become known only some time after the event, so that the response may come too late. This research aims to build a cheap and reliable Snort reporting system that delivers notifications of Snort alerts in real time and is accessible on mobile. We utilize an instant messaging application both to alert the user and as a command line interface (CLI) that enables the user to obtain detailed information about each alert sent by the server. Experimental results show that the system is able to send notifications to the user within an acceptable delay interval of 0.87 seconds, on average.
