Date Added: Mar 2013
Intrusion Detection Systems are not easily constructed or maintained due to the almost daily evolution of network traffic and known exploits. The research in this paper evaluates it through analysis of the documentation published for the University Network as well as experimentation using different rule customizations. Snort is selected because of its price and easy customization through the manipulation of its rules files. This shows that this benchmarking system can be easily manipulated. Developers looking to enhance performance can alter their rules files to better detect attacks. This system can be manipulated to produce better results, and thus becomes less a test of developers testing their true systems and more a test of how well developers can interpret the testing data.