Abstract
Nowadays, Denial of Service (DoS) attacks have become a major security threat to networks and the Internet. Therefore, even a naive hacker can launch a large-scale DoS attack to the victim from providing Internet services. This article deals with the evaluation of the Snort IDS in terms of packet processing performance and detection. This work describes the aspect involved in building campus network security system and then evaluates the campus network security risks and threats, mainly analyses the attacks DoS and DDoS, and puts forward new approach for Snort campus network security solutions. The objective is to analyze the functional advantages of the solution, deployment and configuration of the open source based on Snort intrusion detection system. The evaluation metrics are defined using Snort namely comparison between basic rules with new ones, available bandwidth, CPU loading and memory usage.
Similar content being viewed by others
References
Meena, D. and Jadon, R.S., Distributed denial of service attacks and their suggested defense remedial approaches, Int. J. Adv. Res. Comput. Sci. Manage. Stud., 2014, vol. 2, no. 4, pp. 183–197.
Patrikakis, C., Masikos, M., and Zouraraki, O., Distributed denial of service attacks, Int. Protoc. J., 2004, vol. 7, no. 4, pp. 183–197.
Computer Emergency Response Team CERT. DDoS Overview and Incident Response Guide, Computer Emergency Response Team, 2014.
Ling, Y., Gu, Y., and Wei, G., Detect SYN Flooding Attack in Edge Routers, Int. J. Secur. Appl., 2009, vol. 3, no. 1, pp. 31–45.
Choi, Y. seo., Kim, I.-K., Oh, J.-T., and Jang, J.-S., Aigg threshold based http get flooding attack detection, Proc. of the 13th International Workshop on Information Security Applications, Jeju Island, 2012, vol. 7, pp. 270–284.
Peng, T., Leckie, C., and Ramamohanarao, K., Survey of network-based defense mechanisms countering the DoS and DDoS problems, J. ACM Comput. Surv., 2007, vol. 39, no. 1, pp. 1–42.
Mirkovic, J., Martin, J., and Reihe, P., A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms. Technical Report #020018, Computer Science Department University of California, Los Angeles, 2014.
Lanke, N.M. and Raja Jacob, C.H., Detection of DDOS attacks using Snort Detection International, J. Emerging Eng. Res. Technol., 2014, vol. 2, no. 9, pp. 13–17.
Zeng, X., Peng, X., Li, M., Xu, H., and Jin, S., Research on an effective approach against DDoS attacks, Int. Conf. Res. Challenges Comput. Sci., 2009, pp. 21–23.
Alomari, E., Gupta, B.B., and Karuppayah, S., Botnet-based distributed denial of service (DDoS) attacks on web servers: Classification and Art, Int. J. Comput. Appl., 2012, vol. 49, no. 7, pp. 24–32.
Zargar, S.T., Joshi, J., and Tipper, D., A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks, IEEE Commun. Surv. Tutorials, 2013, vol. 5, no. 4, pp. 2046–2069.
Author information
Authors and Affiliations
Corresponding author
Additional information
The article is published in the original.
About this article
Cite this article
Merouane, M. An approach for detecting and preventing DDoS attacks in campus. Aut. Control Comp. Sci. 51, 13–23 (2017). https://doi.org/10.3103/S0146411616060043
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411616060043