INTRUSION DETECTION& PREVENTION USING HONEYPOT
Main Article Content
Abstract
 Computers & information technology (IT) revolutionized the world & growing day by day.Computer networks enable us to communicate with remote computer network and access resources effectively & efficiently. But these networks are not secure it's prone to intrusion, threats and attacks. Now a days industries use Intrusion detection system (IDS) & Intrusion prevention system (IPS) to monitor the system or a network for attacks, intrusion or threats& prevent the system or network from such vulnerabilities. However IDS/IPS is very expensive & complex to be implemented on your IT systems .it is not viable for small scale industries to implement such systems,thus a model of advanced decoy based technology called honeypot is proposed as a solution for small scale industries. Today honeypot is widely used by such industries beside that honeypot is also useful for large scale industries in improving their intrusion and prevention systems.But traditionally honeypot is viewed as deception system¬ as a intrusion detection or prevention technology also most of the honeypot is built for Linux/Unix based operating systems because of the fact that these operating systems are open sourced systems .Most of the time honeypots are used in the virtualized environment & they usually stimulate fake system to capture network packets which are used later toanalyze them offline for any threats and intrusions .This paper proposes new framework &methodology that implements IDS & IPS within the honeypot withreal time network packet capturing and  intrusions detection along with embedded firewall for intrusion prevention,which make the proposed honeypotmore effective and efficient. The goal of this paper is to propose and design a portable java based real time packet capturing with intrusion detection & preventionhoneypot for windows based operating system. This honeypot is designed keeping Research honeypots in mind but it can be used in virtualized environment also.
Â
General Terms: Jnetpcap, Jderby,Winpcap,Powershell, Firewall.
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.