Master's thesis
Abstract
This master's thesis presents intrusion detection and prevention systems and their role in ensuring network security and monitoring activity in the network. It describes the most common classifications of such systems and the main detection methods. As part of the thesis, two experiments were carried out to examine the effect of two open-source solutions, Snort and Suricata, of the Windows and Linux operating systems, and of running various attacks on system resource usage, the percentage of dropped packets and the ability to detect attacks. On both platforms the results showed a higher processor and memory load for Suricata in all simulated attacks, but a lower percentage of dropped network packets in five of six attacks compared with Snort. The comparison of intrusion detection capability showed no difference in the number of attacks detected by the two solutions.
Keywords
intrusion detection;intrusion prevention;Snort;Suricata;
Data
| Language: | Slovenian |
| Year of publishing: | 2015 |
| Typology: | 2.09 - Master's Thesis |
| Organization: | UM FERI - Faculty of Electrical Engineering and Computer Science |
| Publisher: | J. Legvart |
| UDC: | 004.056(043.2) |
| COBISS: | 19402006 |
| Views: | 916 |
| Downloads: | 176 |
Other data
| Secondary language: | English |
| Secondary title: | PERFORMANCE AND ATTACK DETECTION ANALYSIS OF INTRUSION DETECTION AND PREVENTION SYSTEMS |
| Secondary abstract: | This master's thesis describes intrusion detection and prevention systems and how they are used to increase network security and monitor network traffic. The dissertation includes the most common classifications of intrusion detection and prevention systems, together with the main detection methodologies. Two experiments were run to evaluate the effects of the open-source intrusion detection and prevention systems Snort and Suricata, the operating systems Windows and Linux, and various attack types on system resource usage, dropped packet rate and the ability to detect intrusions. The results showed that Suricata had higher CPU and RAM utilization than Snort in all cases on both operating systems, but a lower percentage of dropped packets when evaluated under five of six simulated attacks. Both products had the same number of correctly identified intrusions. |
| Secondary keywords: | intrusion detection;prevention systems;Snort;Suricata; |
| URN: | URN:SI:UM: |
| Type (COBISS): | Master's thesis/paper |
| Thesis comment: | Univ. of Maribor, Faculty of Electrical Engineering and Computer Science, Informatics and Technologies of Communication |
| Pages: | X, 118 pp. |
| ID: | 9078317 |