Automated Signature Generation for Internet attacks using Hybrid Intrusion Detection System

Main Article Content

Prof. S.S. Manivannan


As the usage of internet systems get expanded, the probability of undetected intrusions from internet are increasing in day by day.
This paper proposes a hybrid approach for detecting the internet intrusions that not only maximizes the detection rate of intrusions but also
reducing the false alarm rate. Whenever the connection episode from internet exceeds certain standard boundaries, rules are automatically
generated using SNORT and stored in the rules database. The generated signature is mapped with the rules database and the corresponding
intrusion (s) is detected if the match exists. The overall false alarm rate occurring in detecting the intrusion (s) is reduced by fixing the medium
level of threshold for boundary conditions. The entire system is implemented in real time using winPcap, javaPcap and SNORT tools.


Keywords: intrusion detection; signature generation; false alarm rate; hybrid system; boundaries; SNORT rules.


Download data is not yet available.

Article Details