Digitus : Journal of Computer Science Applications
Vol. 2 No. 1 (2024): January 2024

Real-Time Threat Detection and Forensic Readiness in Wireless LANs: A Case Study Using Snort and HoneyPy

Samroh (Unknown)



Article Info

Publish Date
31 Jan 2024

Abstract

Wireless Local Area Networks (WLANs), especially in public sector infrastructures, face escalating security challenges due to their open architecture and exposure to various cyber threats. This study aims to evaluate the effectiveness of integrating Snort, an intrusion detection system (IDS), with HoneyPy, a low-interaction honeypot, to enhance real-time monitoring and forensic capabilities in WLAN environments. The methodology involved deploying Snort and HoneyPy within a simulated public network setup, using Ubuntu Server as the operating platform. Network attacks were emulated using tools such as Nmap, Hydra, and Metasploit to simulate various threat scenarios. Key metrics such as detection rate, false positive rate, and system responsiveness were used to evaluate performance. Visualization and log analysis tools including Kibana and Snorby were also incorporated to interpret intrusion data effectively. Results demonstrated that Snort successfully identified common scanning techniques and DDoS patterns using rule-based detection. HoneyPy effectively captured brute-force attack behaviors and provided rich interaction logs. The integrated setup facilitated enhanced incident correlation and provided valuable insights for forensic investigation. Visualization dashboards improved threat analysis and supported adaptive response strategies. In conclusion, the combined use of Snort and HoneyPy offers a scalable and cost-effective solution for public WLAN security. It enhances detection accuracy, supports forensic readiness, and provides actionable intelligence on attack behaviors. The findings highlight the practical relevance of layered defense models, offering concrete guidance for public institutions in strengthening WLAN security and forensic readiness.

Copyrights © 2024

Journal Info

Abbrev

digitus

Subject

Computer Science & IT; Decision Sciences, Operations Research & Management

Description

Digitus : Journal of Computer Science Applications with ISSN Number 3031-3244 (Online) published by Indonesian Scientific Publication, is a leading peer-reviewed open-access journal. Since its establishment, Digitus has been dedicated to publishing high-quality research articles, technical papers, ...