INTELLIGENT NETWORK INTRUSION DETECTION SYSTEM
seminar surveyer
05-10-2010, 03:42 PM



.pdf   Intelligent Network Intrusion Detection System.pdf (Size: 1.29 MB / Downloads: 329)

Presented by:
PUNEET KHANAL
RAJIV SHRESTHA
RAJU KC

INTRODUCTION
Nowadays, as more people make use of the internet, their computers and the valuable data in their computer systems become a more interesting target for intruders. Attackers scan the Internet constantly, searching for potential vulnerabilities in the machines that are connected to the network. Intruders aim to gain control of a machine and insert malicious code into it. Later on, using these slaved machines (also called Zombies), an intruder may initiate attacks such as worm attacks, Denial-of-Service (DoS) attacks and probing attacks.

What is an IDS?
Intrusion is any set of actions that threaten the integrity, availability, or confidentiality of a network resource. An intrusion detection system (IDS) monitors network traffic for suspicious activity and alerts the system or network administrator. In some cases the IDS may also respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems.
a) NIDS: Network Intrusion Detection Systems (NIDS) are a subset of security management systems that are used to discover inappropriate, incorrect, or anomalous activities within networks.
b) HIDS: A host-based intrusion detection system (HIDS) monitors and analyzes the internals of a computing system rather than the network packets on its external interfaces.
There are IDS that detect based on looking for specific signatures of known threats - similar to the way antivirus software typically detects and protects against malware - and there are IDS that detect based on comparing traffic patterns against a baseline and looking for anomalies.
a) Signature Based: A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. This is similar to the way most antivirus software detects malware. The issue is that there will be a lag between a new threat being discovered in the wild and the signature for detecting that threat being applied to the IDS. During that lag time, the IDS would be unable to detect the new threat. The limitation of this approach lies in its dependence on frequent updates of the signature database and its inability to generalize and detect novel or unknown intrusions.
b) Anomaly Based: An IDS which is anomaly based will monitor network traffic and compare it against an established baseline. The baseline will identify what is “normal” for that network - what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other - and alert the administrator or user when traffic is detected which is anomalous, or significantly different from the baseline. However, statistical anomaly detection is not based on an adaptive intelligent model and cannot learn from normal and malicious traffic patterns.
There are IDS that simply monitor and alert and there are IDS that perform an action or actions in response to a detected threat.
a) Passive IDS: A passive IDS simply detects and alerts. When suspicious or malicious traffic is detected, an alert is generated and sent to the administrator or user, and it is up to them to take action to block the activity or respond in some way.
b) Reactive IDS: A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will take pre-defined proactive actions to respond to the threat. Typically this means blocking any further network traffic from the source IP address or user.
Intrusion detection systems help network administrators prepare for and deal with network security attacks. These systems collect information from a variety of systems and network sources, and analyze them for signs of intrusion and misuse. A variety of techniques have been employed for analysis, ranging from traditional statistical methods to new machine learning approaches.
What is not an IDS?
Contrary to popular marketing belief and terminology employed in the literature on intrusion detection systems, not everything falls into this category. In particular, the following security devices are not IDS:
  • Network logging systems used, for example, network traffic monitoring systems.
  • Anti-virus products designed to detect malicious software such as viruses, trojan horses, worms, logic bombs.
  • Firewalls.
  • Security/cryptographic systems, for example VPN, SSL, S/MIME, Kerberos, Radius etc.
Attack Types
Attacks can be classified into three types. They are as follows:
a) Reconnaissance: These attacks involve the gathering of information about a system in order to find its weaknesses such as port sweeps, ping sweeps, port scans, and Domain Name System (DNS) zone transfers.
b) Exploits: These attacks take advantage of a known bug or design flaw in the system.
c) Denial-of-Service (DoS): These attacks disrupt or deny access to a service or resource.
Existing System
One of the most well known and widely used intrusion detection systems is the open source, freely available Snort. It is available for a number of platforms and operating systems including both Linux and Windows. Snort has a large and loyal following and there are many resources available on the Internet where we can acquire signatures to implement to detect the latest threats.
Problem Statement
The classical signature-based approach:
  • Cannot detect unknown or new intrusions.
  • Patches and regular updates are required.
The statistical anomaly-based approach:
  • Not based on an adaptive intelligent model.
  • Cannot learn from normal and malicious traffic patterns.
An alternative approach based on machine learning must be developed.
Objectives
  • To implement an intrusion detection system using a Naïve Bayes Classifier.
  • To protect secure information of an organization from outside and inside intruders.
  • To detect novel or unknown intrusions in real-time.
Scope of the Project
Increased network complexity, greater access, and a growing emphasis on the Internet have made network security a major concern for organizations. The number of computer security breaches has risen significantly in the last three years. In February 2000, several major web sites including Yahoo, Amazon, E-Bay, Datek, and E-Trade were shut down due to denial-of-service attacks on their web servers. Today, a large amount of sensitive information is processed through computer networks, thus it is increasingly important to make information systems, especially those used for critical functions in the military and commercial sectors, resistant and tolerant to network intrusions. Hence Intrusion Detection has become an integral part of the information security process.
Reply
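An added example, not part of the original report or of any post in this thread: a small categorical Naïve Bayes classifier of the kind the report's Objectives name, showing how it labels a connection record whose exact feature combination never appeared in training. The feature set (protocol, service, TCP flag, connection rate), the class labels and the training rows are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed training records (not real traffic): (protocol, service, tcp_flag, conn_rate), label
TRAIN = [
    (("tcp", "http", "SF", "low"), "normal"),
    (("tcp", "http", "SF", "low"), "normal"),
    (("tcp", "smtp", "SF", "low"), "normal"),
    (("udp", "dns", "SF", "low"), "normal"),
    (("tcp", "http", "S0", "high"), "dos"),
    (("tcp", "http", "S0", "high"), "dos"),
    (("icmp", "echo", "SF", "high"), "dos"),
    (("tcp", "other", "REJ", "high"), "probe"),
    (("tcp", "telnet", "REJ", "low"), "probe"),
    (("icmp", "echo", "SF", "low"), "probe"),
]

class NaiveBayesIDS:
    def fit(self, rows):
        self.class_counts = Counter(label for _, label in rows)
        self.total = len(rows)
        # counts[label][feature_index][value] = occurrences in training
        self.counts = defaultdict(lambda: defaultdict(Counter))
        self.values = defaultdict(set)  # distinct values seen per feature
        for features, label in rows:
            for i, v in enumerate(features):
                self.counts[label][i][v] += 1
                self.values[i].add(v)
        return self

    def log_posteriors(self, features):
        scores = {}
        for label, n in self.class_counts.items():
            score = math.log(n / self.total)  # log prior P(class)
            for i, v in enumerate(features):
                # Laplace smoothing: one extra slot for values never seen in training
                k = len(self.values[i]) + 1
                score += math.log((self.counts[label][i][v] + 1) / (n + k))
            scores[label] = score
        return scores

    def classify(self, features):
        scores = self.log_posteriors(features)
        return max(scores, key=scores.get)

def alerts(model, records):
    """Return (record, label) for every record not classified as normal."""
    return [(r, c) for r in records if (c := model.classify(r)) != "normal"]
```

A signature match would need the exact pattern on file; here the per-feature likelihoods let a half-open, high-rate SMTP connection score as `dos` even though no training row pairs those values.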
seminar paper
14-02-2012, 04:58 PM



To get information about the topic Network Intrusion System full report, ppt and related topics, refer to the links below.

topicideashow-to-network-intrusion-detection-system-and-path-analyzer

topicideashow-to-intelligent-network-intrusion-detection-system

topicideashow-to-intrusion-detection-systems-download-full-seminar and presentation-report

topicideashow-to-intrusion-detection-system-ids-seminar and presentation-report

topicideashow-to-intrusion-detection-system-using-rule-based-systems-full-report

topicideashow-to-hybrid-intrusion-detection-system-full-report
Reply
achilliest
07-07-2012, 10:02 PM

It would be great if you could provide the code for the intelligent intrusion detection system.
Thank you
Reply
