Abhay Nath Singh

Honeypot Based Intrusion Detection System

A framework for mitigating network attacks using honeypot and real time rule accession in Intrusion Detection System

• Broschiertes Buch

Produktbeschreibung

The Intrusion Detection Systems (IDS) play an important role in protecting the organizations from unauthorized activities. In this dissertation work, a framework using honeypot is proposed with Real Time Rule Accession (ReTRA) capability. Honeypot is used to prevent the attack and collect attack traffic on the network. Furthermore, Apriori algorithm for association rule mining is used on the data logged by honeypot to generate rules which is added to the Snort IDS dynamically. This is different from the previous method of off-line rule base addition. The proposed IDS is efficient in detecting the attacks at the time of their occurrences even if the system was not equipped with rules to detect it. The logs generated by honeypots can grow very large in size when there is heavy attack traffic in the system, thus consuming a lot of disk space. The huge log size poses difficulty when they are processed and analyzed as they consume a lot of time and resources. The proposed system addresses these issues. The logging module for efficient capture of attack traffic saves disk space. The log analyzer processes this log to generate reports and graphs for the security administrators.

Produktdetails

• Verlag: LAP Lambert Academic Publishing
• Aufl.
• Seitenzahl: 68
• Englisch
• ISBN-13: 9783846583104
• ISBN-10: 3846583103
• Artikelnr.: 35031695

Autorenporträt

Abhay Nath Singh obtained his master s degree in Computer Science from Indian Institute of Technology - Roorkee in 2011. He has worked in the fields of network security, distributed and real-time database systems. He is the author of several papers in reputed international conferences, international journals and book chapter.