Analysis and design of intrusion detection system implementation / Chia Fook Keong

Chia, Fook Keong (2003) Analysis and design of intrusion detection system implementation / Chia Fook Keong. Undergraduates thesis, University of Malaya.


    Abstract

    Firewalls are now widely used to enforce network security policy in organizations. However, maintaining a good, up-to-date security policy is not an easy task, and maintaining a firewall is even harder. A slip of the mouse can let hackers pass through the firewall easily. Sometimes a badly configured firewall engenders a false sense of security, which can be worse than having no firewall at all. As such, the Intrusion Detection System (IDS) has been introduced as a second line of defense to protect an organization. An IDS can be host-based, network-based or integrated. Its functions include continuous monitoring and analysis of user and system activities, as well as auditing of system configurations and vulnerabilities. This report studies the implementation issues of IDS. The IDS chosen was Snort, which is free, open source, lightweight, multi-platform and customizable software. The Faculty of Computer Science and Information Technology (FCSIT), University of Malaya network was chosen as the testing site. First, this study analyzes the environment and the protocols running in the FCSIT network. The study finds that the FCSIT network has multiple virtual local area networks (VLANs) and runs Hot-Standby Routing Protocol (HSRP) and Network Address Translation (NAT). The analysis shows that both HSRP and NAT affect the IDS implementation. Second, the IDS is implemented in selected locations and the data gathered are analyzed. The network and system weaknesses discovered are rectified. The IDS is then fine-tuned to reduce false alarms and improve detection performance. Through this, FCSIT network security is further enhanced.

    Item Type: Thesis (Undergraduates)
    Additional Information: Academic Exercise (Bachelor’s Degree) – Faculty of Computer Science & Information Technology, University of Malaya, 2002/2003.
    Uncontrolled Keywords: Network security policy; Firewall; Intrusion Detection System (IDS); Multi-platform
    Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
    Divisions: Faculty of Computer Science & Information Technology
    Depositing User: Mr Mahadie Ab Latif
    Date Deposited: 08 Jul 2021 13:37
    Last Modified: 08 Jul 2021 13:37
    URI: http://studentsrepo.um.edu.my/id/eprint/10010
