DOI: 10.1145/1099435.1099461

Detecting intruders on a campus network: might the threat be coming from within?

Published: 06 November 2005

Abstract

Campus networks, and the Information Technology organizations that support these networks, are facing security threats that are increasing in both size and complexity. Students, faculty and (non-academic) staff collectively provide a broad set of expectations and challenges to securely support. Intrusive actions and security challenges may originate outside or within a network. Security and trust can be difficult to maintain in such an environment. Intrusion detection is an important part of a comprehensive security strategy.

Snort has become a popular and widely installed Intrusion Detection System (IDS). It functions as a network packet sniffer which, based on comparisons of packet contents with known virus signatures encapsulated as rules, can initiate action and record events and information related to them in a log file and/or database. Because Snort inspects all packets on a network, large amounts of data can be produced, especially until an administrator can tune the rule sets, contained in 52 separate files, to the needs of the installation. This process can lead to a large number of false alerts, which may cause real alerts to be overlooked and the viability of the tool to be questioned.

This paper summarizes work with installation and implementation of Snort on a North Central College internal network, with special emphasis on access to data logged to a MySQL database as well as presentation of data through Perl scripts. Output of Perl scripts and code snippets supporting the output are also presented as a basis for future efforts.



Published In

SIGUCCS '05: Proceedings of the 33rd annual ACM SIGUCCS conference on User services
November 2005
482 pages
ISBN: 1595932003
DOI: 10.1145/1099435

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. intrusion detection
  2. snort

Qualifiers

  • Article

Conference

SIGUCCS Fall05

Acceptance Rates

Overall Acceptance Rate 123 of 170 submissions, 72%


Cited By

  • (2022) 'It's Problematic but I'm not Concerned': University Perspectives on Account Sharing. Proceedings of the ACM on Human-Computer Interaction 6:CSCW1 (1-27). DOI: 10.1145/3512915. Online publication date: 7-Apr-2022
  • (2014) Real Time Wireless Packet Monitoring with Raspberry Pi Sniffer. Information Sciences and Systems 2014 (185-192). DOI: 10.1007/978-3-319-09465-6_20. Online publication date: 25-Sep-2014
  • (2009) Framework of Intrusion Detection System via Snort Application on Campus Network Environment. Proceedings of the 2009 International Conference on Future Computer and Communication (455-459). DOI: 10.1109/ICFCC.2009.10. Online publication date: 3-Apr-2009
  • (2007) Securing the Wireless LANs that is based on Distributed Resource Management against internal attacks. 2007 Innovations in Information Technologies (IIT) (98-102). DOI: 10.1109/IIT.2007.4430398. Online publication date: Nov-2007
  • (2007) Securing the Wireless LANs Against Internal Attacks. Mobile Ad-Hoc and Sensor Networks (814-821). DOI: 10.1007/978-3-540-77024-4_73. Online publication date: 2007
