A Study on Intrusion Detection Systems with a Practical Experiment on Snort - Vigneshwar Sethuraman
BSides Vancouver 2021
This talk gives an overview of intrusion detection systems, including their types, methodologies, and vulnerabilities, and of the steps I followed for the Snort implementation. It also discusses in detail the existing vulnerabilities and ineffective design in intrusion detection systems, focusing on network-based and host-based intrusion detection systems. Common intrusion detection tools are compared on detection and system performance metrics. The Snort tool is implemented and shown in multiple test case scenarios, with the appropriate output achieved for each test case. The talk also covers how to improve existing intrusion detection systems by eliminating their difficulties and challenges through a defense-in-depth mechanism and through a central management system containing multiple additional controls that work concurrently to overcome the existing shortcomings. The aim is to give an overview of security posture and the prevention of future threats.