
DESIGNING RULES TO IMPLEMENT RECONNAISSANCE AND UNAUTHORIZED ACCESS ATTACKS FOR INTRUSION DETECTION SYSTEM
Author(s) - Subhi A. Mohammed
Publication year - 2019
Publication title - Iraqi Journal of Information and Communication Technology
Language(s) - English
Resource type - Journals
eISSN - 2789-7362
pISSN - 2222-758X
DOI - 10.31987/ijict.2.2.67
Subject(s) - computer science, network packet, denial of service attack, intrusion detection system, computer security, computer network, payload (computing), packet analyzer, encryption, set (abstract data type), network security, deep packet inspection, operating system, the internet, programming language
Network attacks are classified according to their objective into three types: Denial of Service (DoS), reconnaissance, and unauthorized access. A signature-based Intrusion Detection System (IDS) raises an alarm when the monitored network traffic meets a previously specified set of criteria for attack traffic. This paper focuses on designing, composing, and processing IDS rules, and then deciding whether a packet is intrusive or not by examining the attack signatures in both the headers and the payload of packets incoming to the network. A packet sniffer captures, decodes, and reassembles the network packet traffic, then passes it to the programmed rules. Linux BackTrack tools were used to implement an IDS scenario for two types of attacks (reconnaissance and unauthorized access). The results show that the IDS rules are able to detect large numbers of various attacks.