Skip to Main content Skip to Navigation
Journal articles

Optimisation de la détection de Snort par le préprocesseur Global SPADE

Abstract : In this paper, we propose a new intrusion detection system (IDS) approach based on the Snort IDS. In fact, current IDS showed unsatisfactory performances in terms of detection. Snort is a prevention and intrusion detection system, which combines the techniques of based-signature detection and based-statistical detection; the latter is the case of the preprocessor SPADE which is based on the probabilities and the Bayesian networks in order to identify scores of abnormal packets in an IP network. SPADE improves the detection yet it increases the number of the false positive alarms. For these reasons, we propose a cooperation approach among the SPADE preprocessors of several IDS, in order to improve the intrusions detection and minimize the number of the false positive alarms. In this article, we present the architecture of our Global SPADE preprocessor. We believe that this approach should optimize the detection capability in a fully distributed and autonomous environment.
Document type :
Journal articles
Complete list of metadata
Contributor : Jean-Baptiste VU VAN Connect in order to contact the contributor
Submitted on : Monday, May 25, 2020 - 3:23:10 PM
Last modification on : Sunday, June 26, 2022 - 4:39:23 AM


  • HAL Id : hal-02618734, version 1



Rida Khatoun, Dominique Gaïti, Leila Merghem-Boulahia, Ahmed Serhrouchni. Optimisation de la détection de Snort par le préprocesseur Global SPADE. La Revue de l'électricité et de l'électronique, Société de l'Électricité, de l'Électronique et des Technologies de l'Information et de la Communication, 2008, 9 (79), pp.88-93. ⟨hal-02618734⟩



Record views