Abstract:

This article presents a comparative analysis of an implemented modern Intrusion Detection System (IDS) based on artificial intelligence algorithms and traditional solutions, with particular emphasis on the Snort platform. The study includes a comprehensive evaluation of the effectiveness of various IDS/IPS systems in test environments, analyzing their ability to detect and block network and application-level attacks. The model based on the RandomForestClassifier algorithm achieved 99% accuracy, demonstrating high effectiveness in detecting UDP flood attacks. The comparison with Snort 3 system reveals significant differences in detection methods, operational efficiency, and practical aspects of implementation. The research results indicate the complementary nature of AI-based systems and traditional signature-based methods, suggesting the optimal use of both approaches depending on the environment’s characteristics and security requirements.