Project Description The project basically consists of three main components-Attacker, Defender, and Observer. Our project scenario is the following: A.

Slides:



Advertisements
Similar presentations
REFLEX INTRUSION PREVENTION SYSTEM.. OVERVIEW The Reflex Interceptor appliance is an enterprise- level Network Intrusion Prevention System. It is designed.
Advertisements

Snort & ACID. UTSA IS 6973 Computer Forensics SNORT.
Introduction to Network Analysis and Sniffer Pro
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention with Snort Dr. Jim Chen, Victor Tsao, Barry Williams, Tokunbo Olojo, John Smet,
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
1 Host Based Intrusion Detection: Analyzing System Logs Bob Winding, Vikram Ahmed University of Notre Dame 12/13/2006.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Neural Technology and Fuzzy Systems in Network Security Project Progress 2 Group 2: Omar Ehtisham Anwar Aneela Laeeq
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Why Wireless? The answer is simple: Reach users who are often on the move!
(NHA) The Laboratory of Computer Communication and Networking Network Host Analyzer.
Security administrators The experts need better tools too!
Neural Technology and Fuzzy Systems in Network Security Project Progress Group 2: Omar Ehtisham Anwar Aneela Laeeq
Maintaining and Updating Windows Server 2008
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
Lecture 11 Intrusion Detection (cont)
Intrusion Detection System Marmagna Desai [ 520 Presentation]
INTRUSION DETECTION SYSTEM
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Security Guidelines and Management
Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,
Wireshark Presented By: Hiral Chhaya, Anvita Priyam.
1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.
By: Paul Albert.  Project Description  Design Protocols  User Profiles  Deliverables  Timeline  Budget  Demonstration  Conclusion.
Section 11.1 Identify customer requirements Recommend appropriate network topologies Gather data about existing equipment and software Section 11.2 Demonstrate.
Penetration Testing Security Analysis and Advanced Tools: Snort.
Intrusion Detection for Grid and Cloud Computing Author Kleber Vieira, Alexandre Schulter, Carlos Becker Westphall, and Carla Merkle Westphall Federal.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.
Using Windows Firewall and Windows Defender
What is FORENSICS? Why do we need Network Forensics?
1. There are different assistant software tools and methods that help in managing the network in different things such as: 1. Special management programs.
Honeypot and Intrusion Detection System
Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
What is a “Network Intrusion Detection System (NIDS)"?
CSCI 530 Lab Intrusion Detection Systems IDS. A collection of techniques and methodologies used to monitor suspicious activities both at the network and.
DISTRIBUTED tcpdump CAPABILITY FOR LINUX Research Paper EJAZ AHMED SYED Dr. JIM MARTIN Internet Research Group. Department Of Computer Science – Clemson.
1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.
Database Activity Monitoring
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
.  Define risk and risk management  Describe the components of risk management  List and describe vulnerability scanning tools  Define penetration.
PROFILING HACKERS' SKILL LEVEL BY STATISTICALLY CORRELATING THE RELATIONSHIP BETWEEN TCP CONNECTIONS AND SNORT ALERTS Khiem Lam.
Page 1 CSISS Center for Spatial Information Science and Systems CWIC Metrics: Current and Future Weiguo Han, Liping Di, Yuanzheng Shao, Lingjun Kang Center.
Intrusion Detection System (IDS) Basics LTJG Lemuel S. Lawrence Presentation for IS Sept 2004.
Module 10: Preparing to Monitor Server Performance.
1 Microsoft Windows 2000 Network Infrastructure Administration Chapter 4 Monitoring Network Activity.
Research Direction Advisor: Frank,Yeong-Sung Lin Presented by Jia-Ling Pan 2010/10/211NTUIM OPLAB.
Intrusion Detection Systems Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.
Louisiana Tech Capstone Submitted by Capstone 2010 Cyber Security Situational Awareness System.
1 Company Confidential Fluke Networks OptiView Wireless Network Analyzer Bringing the power of OptiView to Wireless LANS.
Venus Project Brief Description. What It Do What Monitor Log Analyze Block Narrow Report Search Where Single stations Internet Gates Special Devices Web.
Advanced Anti-Virus Techniques
CONTENTS: 1.Abstract. 2.Objective. 3.Block diagram. 4.Methodology. 5.Advantages and Disadvantages. 6.Applications. 7.Conclusion.
I NTRUSION P REVENTION S YSTEM (IPS). O UTLINE Introduction Objectives IPS’s Detection methods Classifications IPS vs. IDS IPS vs. Firewall.
Reconfigurable Communication Interface Between FASTER and RTSim Dec0907.
WIRESHARK Lab#3. Computer Network Monitoring  Port Scanning  Keystroke Monitoring  Packet sniffers  takes advantage of “friendly” nature of net. 
Rapid Detection & Incident Response What, Why and How March 2016 Ft Gordon.
Maintaining and Updating Windows Server 2008 Lesson 8.
CompTIA Security+ Certification Exam SY COMPTIA SECURITY+SY0-401 Q&A is a straight forward,efficient,and effective method of preparing for the new.
Introducing Kaspersky Anti-Virus 6.0 for Windows Workstations Introducing Kaspersky ® Anti-Virus 6.0 for Windows Workstations.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Some Great Open Source Intrusion Detection Systems (IDSs)
(A CORPORATE NETWORK APPROACH)
Advanced Troubleshooting with Cisco Prime NAM-3: Use Case
Backdoor Attacks.
High Performance Computing Lab.
Securing the Network Perimeter with ISA 2004
Internet of Things Vulnerabilities
Objectives. Objectives Objectives Content Configure Microsoft Azure monitor.
IP Addresses & Ports IP Addresses – identify a device on a network
Presentation transcript:

Project Description The project basically consists of three main components-Attacker, Defender, and Observer. Our project scenario is the following: A user is using a wireless network service through Access Point, then Attacker will do Attack on the wireless network(user). Observer is monitoring what is on the airwaves and send log file to Defender. Defender will analyze log files from the observer, categorize attack patterns and report to network administrator for wireless network troubleshooting.

An architecture to detect Attackers

Components to achieve protecting attacks Monitoring wireless networking Between attacker and defender Show what happen in the network graphically by using GUI Analyze vulnerabilities of protocols Setup various attack daemons to exploit critical security holes of Analyze log files from the observer Categorize attack patterns by using XML Detect attackers Report “under attack” Attacker(sonjong) Defender(eunyong) Observer(jaemoo)

Features Bare Essentials: Attack program(at least two) networking(Decode captured frames, Filter the captured frames) Attack recognizer GUI Build our own access point on laptop Desired Features: Real-time monitoring Scan all the available channels Monitoring program properly works under all manufactured NIC. Report statistical data(e.g. Graph) Block attacker or hacker GUI Alert under attack Bells and Whistles: Detect more attacking and hacking programs

Schedule 2/7/04 Research vulnerabilities of protocols 2/14/04 Research vulnerabilities of protocols Setup device(Linux and NICs on laptop) 2/21/04 Modify one of NICs to malicious NIC Decode captured frames Design log file format Research vulnerabilities of protocols 2/28/04 Modify one of NICs to a malicious NIC Program to scan all the available channels in the air Decode captured frames Design log file format Research vulnerabilities of protocols 3/5/04 Filter the captured frames Parse log file to extract useful data Research vulnerabilities of protocols

3/12/04 Setup and test attack at home Filter the captured frames Parse log file to extract useful data Research vulnerabilities of protocols 3/19/04 Setup and test attack at home Design GUI Program to analyze log file 3/21/04 Setup and test attack at home Build GUI Report statistical data Program to analyze log file 3/22/04 Prototype demonstration

3/26/04 Troubleshooting Build GUI 3/27 - 4/25 Speed distributions Monitor real-time network utilization Build GUI Program to analyze log file 4/26/04 Final project demonstration

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.