Signature Based Intrusion Detection and Prevention System

dc.contributor.authorLakmal, G.A.H.
dc.date.accessioned2019-04-11T07:42:49Z
dc.date.available2019-04-11T07:42:49Z
dc.date.issued2013
dc.description.abstractWhen securing a computer or a network from attacks (unauthorized access), most important things is to be aware of the vulnerabilities of computers in a network, be aware of attacks and how to remove or prevent them. A honeypot is a closely monitored network decoy serving several purposes: it can distract adversaries from more valuable machines on a network, provide early warning about new attack and exploitation trends, or allow in-depth examination of adversaries during and after exploitation of a honeypot. Signature based Intrusion Detection System (IDS) has a weakness in not being able to detect unknown attacks until new signatures are created for the attack manually. This project describes an automatic rule generating system for IDS using Honeypot and honeyd. TheHoneyd is a framework for virtual honeypots that simulates virtual computer systems at the network level. The simulated computer systems appear to run on unallocated network addresses. To deceive network fingerprinting tools, Honeyd simulates the networking stack of different operating systems and can provide arbitrary routing topologies and services for an arbitrary number of virtual systems. Because deploying a physical honeypot is often time intensive and expensive as different operating systems requires specialized hardware and every honeypot requires its own physical system. This is a good and essential part of the network security environment which enables detection of suspicious packets and attacks. In this project authors focus is to create auto generated ACL for any intruder who comes to the Honeypot initially. This will prevent the intruder from hacking the system. And also web based application to review and analyze the statistics in the environment. Automatic generation of rules reduces the chance of the IDS not detecting an intrusion attempt it also reduces the workload of network administrator. Most importantly it enhances the detection ability of the IDS. When this system is used IDS will be able to quickly identify new attacks.en_US
dc.identifier.otherUWU/CST/09/0022
dc.identifier.urihttp://www.erepo.lib.uwu.ac.lk/bitstream/handle/123456789/272/UWULD%20CST%2009%200022-27032019154010.pdf?sequence=1&isAllowed=y
dc.language.isoenen_US
dc.publisherUva Wellassa University of Sri Lankaen_US
dc.subjectComputer Science and Technologyen_US
dc.titleSignature Based Intrusion Detection and Prevention Systemen_US
dc.typeThesisen_US
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
UWULD CST 09 0022-27032019154010.pdf
Size:
5.88 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description: