Iasp 550 final project you will need to form groups of 2 or


Project -

Each presentation should include at least the following from the paper:

  • Background and motivation
  • Basic problem
  • Classification of related work and background
  • Main ideas
  • Evaluation and results
  • Open issues

Project Proposal

You will need to form groups of 2 or 3 members and write a project proposal. (Individual projects are possible, but not encouraged.) The project proposal should include at least four sections:

  • A title.
  • List of group members. If the group members will have different responsibilities, please list those.
  • Project description -- what you intend to do.
  • References.

The project should take this format:

Empirical analysis/simulation: Study the performance of various security measures under different types of threats/attacks. If you are implementing an attack, you must take every measure to ensure it does not present a threat to the computing community or the world at large. You must abide by all the policies that govern the use of computing resources during the execution of this project.

Intrusion Detection - Snort

Snort is a rule-based intrusion detection system where each rule specifies a pattern or condition that may indicate an intrusion has occurred. Snort provides the user the opportunity to edit and add their own rules. Read the Snort User Manual to see how to write rules.

Project Description:

Create an intrusion detection system by:

  • Detecting an attack.
  • Creating the rules for monitoring intrusions.
  • Minimizing false alarms and ensuring that your performance overhead is "acceptable".

Identify some research issues related to the IDPS.

Some of the rules that you need to create are:

  • Detect each visit to www.google.com that is made by the machine.
  • Send an alert when an activity relating to network chat is detected.
  • Send an alert when a DNS zone transfer is attempted.
  • Generate an alert when network traffic indicates that Viber is being used.
  • Alert for any packet of size > 100 bytes from the network 172.20.0.0 with subnet mask (SNM) 255.240.0.0 destined for port 80.
  • Alert for any packet that contains the following string "Hello".
  • Generate an Alert when there is an access to unauthorized sites. (You select the web sites!)

After the following attacks are performed in the Lab VM: SYN flood and MiTM attack, you should be able to react to those attacks by writing the following rules:

  • Generate an alert when SYN flood happens, record the logs.
  • Block the traffic.
  • Generate an alert which detects the MiTM attack.
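
As an added illustration (not part of the original assignment), here is how a few of the rules listed above can be expressed in Snort 2.9-style rule syntax. The SIDs, messages and thresholds are constructed values, and `$HOME_NET` is assumed to be defined in `snort.conf`.

```snort
# Added example: local rules file. SIDs >= 1000000 are reserved for local rules.
# All thresholds below are constructed starting points; tune them in the lab
# to keep false alarms and overhead down.

# Payload > 100 bytes from 172.20.0.0 mask 255.240.0.0, to port 80.
# 255.240.0.0 is a /12, so the network is 172.16.0.0/12 (172.16.0.0 - 172.31.255.255).
# dsize tests the payload size, not the full packet length with headers.
# TCP is shown here; add a udp copy with its own SID if UDP port 80 matters.
alert tcp 172.16.0.0/12 any -> any 80 (msg:"LOCAL payload >100 bytes to port 80"; dsize:>100; sid:1000001; rev:1;)

# Any packet carrying the string "Hello" (content is case-sensitive by default;
# add nocase; to match "hello" as well, at the cost of more alerts).
alert ip any any -> any any (msg:"LOCAL payload contains Hello"; content:"Hello"; sid:1000002; rev:1;)

# DNS zone transfer attempt: AXFR is query type 252 (0x00FC), carried over TCP/53.
# Restricting to established, to-server flows avoids matching stray bytes elsewhere.
alert tcp any any -> $HOME_NET 53 (msg:"LOCAL DNS zone transfer attempt"; flow:to_server,established; content:"|00 00 FC|"; offset:15; sid:1000003; rev:1;)

# SYN flood: alert (and log) only once the rate of bare SYNs to one destination
# exceeds 100 in 5 seconds, so ordinary connection setup does not fire.
alert tcp any any -> $HOME_NET any (msg:"LOCAL possible SYN flood"; flags:S; flow:stateless; detection_filter:track by_dst, count 100, seconds 5; sid:1000004; rev:1;)

# Block the traffic: drop only takes effect when Snort runs inline.
# Tracking by source limits the drop to the noisy sender, but will not
# help if the source addresses are spoofed.
drop tcp any any -> $HOME_NET any (msg:"LOCAL SYN flood source dropped"; flags:S; flow:stateless; detection_filter:track by_src, count 100, seconds 5; sid:1000005; rev:1;)
```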
