Free and open source intrusion detection systems : a study

Abstract

Importance of cyber security cannot be denied in the current cyber environment. With continuous growth of internet, cyber security has become a necessity for both big and reputed organizations as well as small businesses and individuals.

Intrusion detection systems (IDS) are considered to be an efficient way for detecting and preventing cyber security threats. However, there has been not enough attention and awareness on intrusion detection and prevention systems, especially among small businesses and individuals. Due to this, selection and deployment of IDS is significance in regard to this subject being considered highly technical, expensive and time consuming process. To overcome this, it is necessary to create an awareness of IDS tools which forms the basis of this paper.

This study is the first phase of an ongoing research. In this phase, we present a detailed study of three free and open source IDS tools which are most popular in their respective categories. The IDS software used for this study are Suricata, a Network based Intrusion Detection System (NIDS), Samhain, a Host Based Intrusion Detection System (HIDS) and Ironbee, a universal web application firewall system.

This study of IDS tools at one place will serve as a knowledge source for both technical and non-technical audience, small businesses which may not afford experienced security consultants. Further, this will also help in identifying suitable IDS software for their respective organization.