(WHASG) Automatic SNORT Signatures Generation by Using Honeypot
An Intrusion Detection System (IDS) is an important network security component that is used to monitor network traffic and detect attack attempts. A signature based intrusion detection system relies on a set of predefined signatures to detect an attack. Due to \"Zero-day\" attacks (i.e. new unknown attacks) conventional IDS will not be able to detect these new attacks until the signatures are updated. Writing efficient new signatures to update the IDS signature database requires that the attack is first detected then studied and analyzed.