INTRUSION DETECTION& PREVENTION USING HONEYPOT

Main Article Content

Vivekanand Omprakash Rajbhar

Abstract

 Computers & information technology (IT) revolutionized the world & growing day by day.Computer networks enable us to communicate with remote computer network and access resources effectively & efficiently. But these networks are not secure it's prone to intrusion, threats and attacks. Now a days industries use Intrusion detection system (IDS) & Intrusion prevention system (IPS) to monitor the system or a network for attacks, intrusion or threats& prevent the system or network from such vulnerabilities. However IDS/IPS is very expensive & complex to be implemented on your IT systems .it is not viable for small scale industries to implement such systems,thus a model of advanced decoy based technology called honeypot is proposed as a solution for small scale industries. Today honeypot is widely used by such industries beside that honeypot is also useful for large scale industries in improving their intrusion and prevention systems.But traditionally honeypot is viewed as deception system&not as a intrusion detection or prevention technology also most of the honeypot is built for Linux/Unix based operating systems because of the fact that these operating systems are open sourced systems .Most of the time honeypots are used in the virtualized environment & they usually stimulate fake system to capture network packets which are used later toanalyze them offline for any threats and intrusions .This paper proposes new framework &methodology that implements IDS & IPS within the honeypot withreal time network packet capturing and  intrusions detection along with embedded firewall for intrusion prevention,which make the proposed honeypotmore effective and efficient.  The goal of this paper is to propose and design a portable java based real time packet capturing with intrusion detection & preventionhoneypot for windows based operating system. This honeypot is designed keeping Research honeypots in mind but it can be used in virtualized environment also.

 

General Terms: Jnetpcap, Jderby,Winpcap,Powershell, Firewall.

Downloads

Download data is not yet available.

Article Details

Section
Articles