Socializing Snort Firewall Alerts using Multi Agent Platform
Al-Mustansiriyah Journal of Science
Article 1, Volume 23, Issue 7, October 2012, Pages 181-192
Author
Ethar abdul wahhab hachim
Abstract
Snort is an Intrusion Detection System (IDS) that can sniff network traffic for further analysis and detect and alert on intrusion events (i.e., any malicious action sensed from monitoring network traffic, such as network flooding, ARP spoofing, SYN flood and others). This paper presents a development schema to integrate the Snort alert system with a fully distributed firewall using agent terminology, where an agent can act autonomously to perceive the Snort configuration file and add firewall rules according to what it perceives. Eventually, the agent will broadcast each detected alert to all platform members, regardless of network topology and segmentation.