DESIGN AND IMPLEMENTATION OF INTRUDER DETECTIVE SYSTEM USING WIRED NETWORK (A CASE STUDY OF FMC ASABA)

Description

ABSRACT

Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations such as in FMC Asaba. But secured data communication over internet and anyother network is always under threat of intrusions and misuses. So Intrusion Detection Systems havebecome a needful component in terms of computer and network security. In this work we proposed an Intrusion Detection System (IDS) using wired network, by applying genetic algorithm (GA) to efficiently detect various types of network intrusions which can be efficiently used in a hospital. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reducethecomplexity.Toimplementandmeasuretheperformanceofoursystemweusedthe  KDD99benchmarkdatasetand obtainedreasonabledetectionrate.

 

 

 

 

 

 

1. CHAPTER ONE

INTRODUCTION

• Back Ground to the Study
• Statement of the Problem
• Motivation of the Study
• Aim and Objective of the Study
• Significance of the Study
• Limitation of the Study
• Organization of the Study
• Definition of Terms

 

2. CHAPTER TWO

LITERATURE REVIEW

• Concept of the Work (Supervisor’s explanation required)
• Review of Related Work

 

3. CHAPTER THREE

RESEARCH METHODOLOGY

• Adopted Methodology
• System Analysis
• Data Collection Method
• System Design(System architecture,input, output and database design)

 

4. CHAPTER FOUR

SYSTEM IMPLEMENTATION

• Hardware Requirement
• Software Requirement
• System Interface( Snapshot )
• System Testing
• System Evaluation

 

5. CHAPTER FIVE

Summary, Conclusion and Recommendation

• Summary
• Conclusion
• Recommendation

References

 

 

 

 

 

CHAPTER ONE

INTRODUCTION

• Back Ground to the Study

Computersystemsandnet works a reprotected from abuse by using a defensive measurescomponentknownasIntrusionDetectionSystem.

In 2014Botha et al proposed intrusion detection as is an approach to counter the computer and networking attacks and misuses (Botha et al., 2014). Intrusion detection is implemented by an intrusion detection system and today there are many commercial intrusion detection systems available. In general, most of these commercial implementations are relative ineffective and insufficient, which gives rise to the need for research on more dynamic intrusion detection systems.

Generally an intruder is defined as a system, program or person who tries to and may become successful to break into an information system or perform an action not legally allowed(Graham, 2014).Intrusion is defined as the process of performing an action by an information system user in an illegal form. The intruder can come from either inside or outside, who go beyond his authority limits to perform an action. Even though the action causes damage or not, it is to be worried as it may cause damage for the service supplied by system or for the system’s health. The detection of intrusion includes describing the worse or gain strived by an intruder for few entity,which seeks an unauthorized access for system. To recognize imprior that an intruder starts an interaction with system neither of the automated detection methodologies which are known to us is used. Mean while, to avoid intrusion regular actions are performed by the system administrators. These can be like requesting for the password to be provided ahead by the user to acquire any system access, blocking entire or few access of the network and physical access, affixing of the familiar vulnerabilities that may be used by the intruder to acquire unauthorized access. Systems with Intrusion detection are utilized in extra for avoiding such measures.

• Statement of the Problem

Nowadays it is very important to maintain a high level security to ensure safe and trusted communicationof information between various organizations. But secured data communication over internet and anyother network is always under threat of intrusions and misuses.

Today’s businesses rely on technology for everything, from hosting applications on servers to communication. As technology evolves, the attack surface that cybercriminals have access to also widens. A 2021 Check Point research reported that there had been 50% more attacks per week on corporate networks in 2021 as compared to 2020. As such, organizations of all industry verticals and sizes are ramping up their security posture, aiming to protect every layer of their digital infrastructure from cyber attacks (Zamboni et al., 2011). So Intrusion Detection Systems havebecome a needful component in terms of computer and network security. An intrusion detection system (IDS)monitors a network for possible threats to alert the administrator, thereby preventing potential attacks.

• Motivation of the Study

An Intrusion Detection system is much required in enterprise networks, as there are more possibilities of getting threats. The threats may be any kind of attack such as DoS,backdoor entries, spoofing etc. These attacks try to use the vulnerabilities of the system and exploit them to make the network to crash and down. Once the intruders are successful in such attacks they exploit the resources for their miss-activities and put the system in trouble. To track such attacks and prevent the network from such attacks there is a need of some system which can take actions on detection of such attacks. Intrusion Detection system or Prevention System makes such attacks to minimize and make the whole system to get secured by viruses, attacks all the threats

• Aim and Objective of the Study

The main aim of this work is design and implementation of intruder detective system using wired network (a case study of FMC Asaba)

The objectives of the study are:

1. To implement intruder Detective System (IDS) for wired network
2. To maintain a high level security to ensure safe and trusted communication of information between various organizations such as used in FMC Asaba.
3. To guard technology infrastructure and sensitive data
4. To review the different existing system.
   • Significance of the Study

This system will serve as a network security tool that monitors network traffic and devices for known malicious activity, suspicious activity or security policy violations.

An IDS can help accelerate and automate network threat detection by alerting security administrators to known or potential threats, or by sending alerts to a centralized security tool. A centralized security tool such as a security information and event management (SIEM) system can combine data from other sources to help security teams identify and respond to cyber threats that might slip by other security measures.

• Limitation of the Study

Te Intrusion Detection System (IDS) was carried out  by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the  KDD99 bench mark data set and obtained reasonable detection rate.

• Organization of the Study

The remaining part of this paper is organized as follows: Chapter 2 shortly describes some previous works. Chapter 3 gives methodology of the system and its implementation. chapter 4 describes performance analysis. Chapter 5  conclude the work.

• Definition of Terms

Network intrusion detection systems (NIDSs): monitor inbound and outbound traffic to devices across the network.

intrusion detection system (IDS): This is a system that monitors a network for possible threats to alert the administrator.

Network security: This is the protection of the underlying networking infrastructure from unauthorized access, misuse, or theft. It involves creating a secure infrastructure for devices, applications, users, and applications to work in a secure manner.

CHAPTER FIVE

5.0                             Summary, Conclusion and Recommendation

• Summary

The present system and the flaws of the design motivates to work towards the security of the network. Intrusion Detection System which was made to secure a system from the external as well as internal network. This provides restricted access between the networks according to the defined rules of IDS, and hence minimizes the inter-network attacks. The proposed network design provides a way of making the network as well as a system secured. The main advantage of proposed design over the present is minimizing the possibility of victim machines attacked by external network. The design of Intrusion Detection System provides security for attacks within the network. Totally the design of the network with support of Intrusion Detection System either internal or external provides security from all view points.

• Conclusion

In this paper, we present and implemented an Intrusion Detection System by applying genetic algorithm to efficiently detect various types of network intrusions. To implement and measure the performance of our system we used the standard KDD99 benchmark dataset and obtained reasonable detection rate. To measure the fitness of a chromosome we used the standard deviation equation with distance. If we can use a better equation or heuristic in this detection process we believe the detection rate and process will improve a great extent, especially false positive rate will surely be much lower.