Intrusion Detection And Prevention Systems Using Novel Honeypot

The title of this work is Honey Pot Intrusion Detection and Prevention Systems. Intrusion is a major threat to security in computer and network systems. A network attack is an illegal intentional effort to compromise network security by gaining access to information, manipulating the same thereb

Project Title

Intrusion Detection And Prevention Systems Using Novel Honeypot

Project Area of Specialization

Cyber Security

Project Summary

The title of this work is Honey Pot Intrusion Detection and Prevention Systems. Intrusion is a major threat to security in
computer and network systems. A network attack is an illegal intentional effort to compromise network security by gaining access to information, manipulating the same thereby rendering a system untrustworthy.  This, arises from the fact that as, experts seek means to tackle intrusion, would be intruders are also working tirelessly hard at devising ways to perpetrate their unlawful activities, necessitating a need for the deployment of IDPS to prevent the intrusion by attackers into what is meant to be a secure system, and the advancement of future safeguards against malicious attacks. In this study, a honeypot based approach is proposed, which
can be used on the network security for the real-time intrusion detection and prevention systems. For this proposed novel approach, an effective software tool was developed. The developed system is a hybrid honeypot that combines the superior properties of low and high interaction honeypots in a single structure. The honeypot looks like a real computer system, with applications and data, fooling cybercriminals into thinking it's a legitimate target. Once the hackers are in, they can be tracked, and their behavior assessed for clues on how to make the real network more secure.

Project Objectives

In order to ensure the security of information systems, a honeypot-based approach for real time intrusion detection and prevention systems (IDPS) is proposed. In which we trap the attackers and make system more secure.

Project Implementation Method

In our application work to monitor enterprise network traffic, analyze it to avoid malicious activities, a honeypot-based attack detection and prevention design has been developed. The basis components of this developed application can be viewed in three groups, namely “the honeypot server application” that can simulate trap systems, “the monitor application” on which can be displayed the animations that are detected from honeypot communication server, and by this monitor application honeypot server application configurations done, and “the IDS application” which is a server application where the packets come to the honeypot server by trapping are sent to the monitor.

The developed system is honeypot based IDPS type that visualizes the network traffic on servers in real-time animation, similar to the global live attack maps. Global live attack maps can be used to see real global attacks, especially in real-time. Our developed system presents a live attack map of a real server traffic as an instance of a campus network, which can be used by any corporate or institutional network as well.

The honeypot server, monitor and IDS applications by the virtualization technology have been logically separated from each other and they have been provided to run on a physical machine. Thereby, if the intruder compromises the honeypot that it has been trapped by, possible risks will have been minimized.

Benefits of the Project

1. It monitors the working of routers, firewall, key servers and files. It uses its extensive attack signature database, raises an alarm and sends appropriate notifications on detecting a breach.
2. By using the signature database, IDS ensures quick and effective detection of known anomalies with a low risk of raising false alarms.
3. It analyzes different types of attacks, identifies patterns of malicious content and help the administrators to tune, organize and implement effective controls.
4. It helps the company maintain regulatory compliance and meet security regulations as it provides greater visibility across the entire network.
5. Monitor and evaluate threats, catch intruders and take action in real time to thwart such instances that firewall or antivirus software may miss.
6. Prevent DoS/DDoS attacks.
7. Maintain the privacy of users as IPS records the network activity only when it finds an activity that matches the list of known malicious activities.
8. An IDPS is an active control mechanism that monitors the network traffic flow. It identifies and averts vulnerability exploits in the form of malicious inputs that intruders use to interrupt and gain control of an application or system.

Technical Details of Final Deliverable

• The developed IDPS application can protect the network from attacks by detecting and blocking the delivery of the packets if they match with an attack signature.
• The developed applications in this work are designed to be installed and used as a novel honeypot-based IDPS that reduces the cost of information security in an enterprise network.

Final Deliverable of the Project

Software System

Core Industry

Security

Other Industries

IT

Core Technology

Others

Other Technologies

Others

Sustainable Development Goals

Quality Education, Decent Work and Economic Growth, Industry, Innovation and Infrastructure

Required Resources

If you need this project, please contact me on contact@adikhanofficial.com