Deep Packet Inspection with Snort
In my computer networks graduate course with Dr. Varma, I looked into analyzing how Snort (an open-source Intrusion Detection System) can continually handle deep-packet inspection as signature sets (i.e. virus definitions) increase. Some network intrusions could occur by overloading an IDS with more traffic than it can handle, such that malicious packets are allowed to flow into a network without being inspected. My goal was to investigate this anomally and to see whether or not Snort is up to the challenge of protecting small- to mid-sized businesses.