Comparative Study of Intrusion Detection Systems against Mainstream Network Sniffing Tools

  • Authors

    • Africa, Aaron Don
    • Torrizo, Lorwin Felimar
    2018-11-27
    https://doi.org/10.14419/ijet.v7i4.16.22884
  • Abstract

    As the world embraces a technological revolution in how everyday devices are connected to the internet, users send sensitive information over the internet, where it is broken down and distributed as packets throughout the network. Packet sniffers tap into these packets and can compromise the security and privacy of unsuspecting users. This study puts some well-known Intrusion Detection Systems (IDS) to the test and observes how they fare against popular packet-sniffing tools such as Wireshark and tcpdump. The varied sniffing methods and techniques of the different sniffing tools provide a basis for evaluating the performance of the intrusion detection systems.



  • How to Cite

    Don, A. A., & Felimar, T. L. (2018). Comparative Study of Intrusion Detection Systems against Mainstream Network Sniffing Tools. International Journal of Engineering & Technology, 7(4.16), 188-191. https://doi.org/10.14419/ijet.v7i4.16.22884