Development of a framework for Network Intrusion Detection System (NIDS)

Intrusion detection plays an important role in the cyber security infrastructure due to the increasing vulnerabilities and threats in Internet applications. Throughout the years, the increasing computer crimes and its advancement has also made the Intrusion Detection System technology grow tremendou...

Full description

Saved in:
Bibliographic Details
Main Author: Yeo, Po Leng
Other Authors: Chan Chee Keong
Format: Final Year Project
Language:English
Published: 2019
Subjects:
Online Access:http://hdl.handle.net/10356/77411
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:Intrusion detection plays an important role in the cyber security infrastructure due to the increasing vulnerabilities and threats in Internet applications. Throughout the years, the increasing computer crimes and its advancement has also made the Intrusion Detection System technology grow tremendously. Therefore, it further shows the importance of having preventive measures against hackers and computer crimes as they are always improving their methodologies and techniques to infiltrate a system whereby they can obtain confidential information such as credit card numbers, personal details of individuals, confidential company information and so forth. This project focuses on the development of a Network Intrusion Detection System in a virtual environment whereby the administrator of the system can monitor the traffic and keep track of any malicious activity. On the other hand, the other virtual systems will be simulating as attackers and victims according to different scenarios to prove the succession rate of the Network Intrusion Detection System. In this report, the setup of the network configuration using virtualization technology and installing a Network Intrusion Detection system in one of the virtual machines, which is the administrator of the system, to monitor the entire network will be discussed. Within the virtual network, virtual machines are assigned as attackers and victims to simulate cyber-attacks and to become the target of the cyber-attacks, respectively. By doing so, it allows the Network Intrusion Detection system to detect the attackers’ and victims’ Internet Protocol addresses, and the types of malicious activities which are conducted. The forms of cyber-attacks which will be performed in this project are Distributed Denial of Service, Ping of Death, File Transfer Protocol Brute-Force attack for root access and search for malicious content words over the Internet. Ultimately, the above-mentioned cyber-attacks will be detected by the Network Intrusion Detection System according to the various rules which detects different patterns or algorithms.