Development of a network intrusion detection system (IDS)

Cybersecurity is increasing its significance over the years due to the overwhelming use of electronic devices which requires the use of internet where the existence of internet has helped our current era to inter-connect with one another in a much easier and more efficient way as compared to centuri...

Full description

Saved in:
Bibliographic Details
Main Author: Yeoh, Alexander Weil Tine
Other Authors: Chan Chee Keong
Format: Final Year Project
Language:English
Published: 2017
Subjects:
Online Access:http://hdl.handle.net/10356/71471
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:Cybersecurity is increasing its significance over the years due to the overwhelming use of electronic devices which requires the use of internet where the existence of internet has helped our current era to inter-connect with one another in a much easier and more efficient way as compared to centuries before. However, with an excellent tool available on hand, there is always bound to be people with intentions to abuse the tool for personal gains which brings our attention towards hackers in this aspect. This brings forth the importance of having to step up the preventive measures against hackers as they are constantly upgrading their methodologies and techniques to penetrate a system and committing theft for several important information such as credit card numbers, confidential company information etcetera. The scope of this project is to setup and use a Network Intrusion Detection System in a virtual environment whereby the administrator of a specific system can monitor and detect the network for any malicious activity while other virtual systems will be simulating as attackers and victims in different scenarios to justify the succession rate of the Network Intrusion Detection System. In this report, we will discuss on the network configuration setup via virtualization technology followed by having a Network Intrusion Detection System installed in one of the virtual machines port mirrored to monitor the whole network. In the virtual network, virtual machines will be assigned as attackers to simulate cyber-attacks allowing the Network Intrusion Detection System to detect the Internet Protocol address from the source of malicious activity provider. Several forms of attacks will be simulated such as Distributed Denial of Service, Ping of Death, search for malicious content words over the internet and File Transfer Protocol Brute-Force attack for root access and eventually be detected by the Network Intrusion Detection System using various rules which detects by various patterns or algorithms.