M. Roesch, "Snort Lightweight Intrusion Detection for Networks", in USENIX LISA 1999, Nov 1999.
|Snort Lightweight Intrusion Detection for Networks|
|Published:||USENIX LISA, 1999|
|Abstract:||Network intrusion detection systems (NIDS) are an important part of any network security architecture. They provide a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected. Commercial NIDS have many differences, but Information Systems departments must face the commonalities that they share such as significant system footprint, complex deployment and high monetary cost. Snort was designed to address these issues.|