DESIGN AND IMPLEMENTATION OF NETWORK INTRUSION DETECTION SYSTEM (NIDS)

DESIGN AND IMPLEMENTATION OF NETWORK INTRUSION DETECTION SYSTEM (NIDS)

---

ABSTRACT

The objective of this project is to develop a network intrusion detection system that incorporates a decoy system, specifically a honeypot. This approach effectively addresses the challenges of false positives and false negatives, as they are not easily bypassed or overcome by new exploits. One of their notable advantages is their ability to potentially identify new compromises resulting from unfamiliar or unanticipated attacks, primarily through monitoring system activity rather than relying solely on signatures. Administrators can focus on their core responsibilities without the need to allocate time for updating signature databases or patching anomaly detection engines. Honeypots effectively capture various types of attacks directed towards them. This project work utilises the UML (Unified Modelling Language) object oriented design approach. The deliverables encompass the Use-case, class diagram, activity diagram, and sequence diagram. Key activities in system design involve the formulation of system-level technical requirements, the creation of top-level system designs, and the evaluation of the design's capacity to fulfil the system requirements. The system comprises various components, including the database design, class diagrams, use-case design, activity diagram design, input design, and output design. However, the honeyd.conf file was a bit challenging to understand. Even a minor typo in the script could prevent the configuration file from running smoothly. Nevertheless, the utilisation of honeypots enables researchers and security professionals to discreetly observe malicious attackers, with the aim of gaining insights into the most up-to-date techniques and exploits in real-time.

 

CHAPTER ONE

GENERAL INTRODUCTION

Research works and experiments have convinced security experts that Network Intrusion Detection Systems (NIDS) alone are not capable of securing the computer networks from internal and external threats completely. (Renuka et al., 2011). An intrusion detection system (IDS) is a device or software application that monitors systems for malicious activities and policy violations and produces reports to a management station. Intrusion detection systems are primarily focused on identifying possible incidents, logging information about them and reporting attempts. Organizations use these systems for identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies. The goals of intrusion detection systems are to use all available information in order to detect both attacks by external hackers and misuse by insiders. IDSs are based on the belief that an attacker’s behaviour will be noticeably different from that of a legitimate user. (tzeyoung, 2009).

Intrusions can occur due to vulnerabilities in operating systems. Many common operating systems are simply not designed to operate securely. Thus, malware often is written to exploit discovered vulnerabilities in popular operating systems. Depending on the nature of the attack, many times if an operating system is compromised, it can be difficult for an IDS to recognise that the operating system is no longer legitimate. Operating Systems must be designed to better support security policies pertaining to authentication, access control and encryption. Intrusion detection uses vulnerability assessment (sometimes referred to as scanning), which is a technology developed to access the security of a computer system or network. Hackers can use malware to record keyboard strokes, then send that account and password information by hacking sites which store those details through the use of tools such as scanning tools; which they use to survey and analyse system characteristics and remote management tools; used by system’s administrators to manage a network by managing and controlling systems devices from a remote location.

According to the Information Assurance Technology Analysis Center (IATAC), 2009; IDSs are generally made up of sensors, analysers, user interfaces and honeypot. Sensors are deployed in a network or on a device to collect data, they take input from various sources, including network packets, log files and system call traces. Analysers in an IDS collect data forwarded by sensors and then determine if an intrusion has actually occurred. The user interface of the IDS gives the end user a view and way to interact with the system. Through the interface, a user can control and configure the system. Honeypot is a fully deployed IDS which administrators deploy as a bait or decoy for intruders, it can be used as early warning systems of an attack, decoys from critical systems and data collection sources for attack analysis.

Provos and Holz (2007), defined honeypot as ‘A closely monitored computing resource that we want to be probed, attacked or compromised.’ The value of a honeypot is weighed by the information that can be obtained from it. To detect malicious behaviour, a network intrusion detection system (NIDS) requires signatures of known attacks and often fail to detect compromises that were unknown at the time it was deployed. Also NIDSs produces erroneous results called false positives and false negatives, which occur when the NIDS erroneously detects a problem with benign traffic and when unwanted traffic is undetected by the NIDS respectively. On the other hand, honeypots can detect vulnerabilities that are not yet understood. For instance, a compromise can be detected by observing network traffic leaving the honeypot, even if the means of the exploit has never been seen before. Honeypots consists of unreal services such as mail, telnet, HTTP etc, database for logging, packet dispatcher and protocols such as ICMP, TCP and UDP.

BUY THIS TOPIC ON WHATSAPP

Related Project Materials

THE ROLE OF MANUFACTURING SECTOR ON ECONOMIC GROWTH AND DEVELOPMENT IN NIGERIA

Abstract

Over time, the absence of locally sourced inputs has resulted in low industrialization. This is as a result of...

Read more

THE IMPACT OF MOTIVATION ON THE PERFORMANCE OF CIVIL SERVICE IN NIGERIA

ABSTRACT

This research examined the Impact of Motivation on Performance of Civil Service in Nigeria wit...

Read more

KNOWLEDGE ON CAUSE AND PREVENTION OF ANAEMIA AMONG PREGNANT WOMEN ATTENDING ANTENATAL CLINIC

Background of the study

Anaemia describes a situation in which there...

Read more

ROLE OF LOCAL GOVERNMENT COUNCIL IN THE DEVELOPMENT OF RURAL COMMUNITIES

Abstract

The poor state of some rural community is becoming an unpleasant sight in this present age whe...

Read more

IMPACT OF COGNITIVE CONFLICT INSTRUCTIONAL MODEL ON CONCEPTUAL CHANGE AND PERFORMANCE IN GENETICS AMONG SECONDARY SCHOOL BIOLOGY STUDENTS IN POTISKUM, YOBE STATE, NIGERIA

ABSTRACT

This study investigates the Impact of Cognitive Conflict Instructional Model on Conceptual Change and Academic Performance in Ge...

Read more

GROUND ELECTROMAGNETIC AND ELECTRICAL RESISTIVITY PROSPECTING FOR ORE MINERALISATION ZONES IN TSOHON-GURUSU NIGER STATE, NORTH-CENTRAL NIGERIA

ABSTRACT

To accurately explore and develop prospective mineral deposits, systematic geophysical approaches becomes a useful tool to estab...

Read more

UNEMPLOYMENT PROBLEMS AND POOR ESTABLISHMENT OF INDUSTRIES  

ABSTRACT

Not two long ago, Abia state was under siege as a result of the activities of robbers and kidnappers. Businessmen and other prom...

Read more

IMPROVING COLLABORATION BETWEEN TECHNICAL COLLEGES AND INDUSTRIES FOR SKILL ACQUISITION IN ELECTRICAL INSTALLATION AND MAINTENANCE

ABSTRACT

The study was carried out to determined ways that could be used for improving collaboration be...

Read more

IMPACT OF SALT FM RADIO ON POLITICAL MOBILIZATION OF THE PEOPLE OF EZZA NORTH L.G.A. OF EBONYI STATE

Abstract This research work examined the impact of radio on political mobilization. Survey method was used for the study. Combinations of purposive...

Read more

EXPLORING THE BENEFITS OF EARLY CHILDHOOD EDUCATION IN PROMOTING GENDER EQUITY

ABSTRACT: Exploring the benefits of early childhood education in promoting...

Read more