| Popis: |
Most computers have connections to networks, which can be exploited through security cracking to gain access to any confidential data that may be stored on the computer. Thus, it is important to create some type of detection and prevention of the network from being attacked. Intrusion detection systems monitor computer networks looking for evidence of malicious actions. Networks are complex systems, and a comprehensive intrusion detection solution has to be able to manage event streams with different content, speed, level of abstraction, and accessibility. The current network surveillance system like network intrusion detection system (NIDS) has many defects, such as low detection ability, lack of effective response mechanism, poor manageability, etc. Besides, other problems are; it only has a single function of detecting intrusion and supports and experts needed to configure different layout of NIDS makes the systems not flexible and also upgrade intolerant. The main goal for this project is to design an IPS (intrusion prevention system), a network surveillance, analysis, and response system for high-speed network. In addition, the system provides a networking surveillance tools featured with alert monitoring systems with fast response system. The system also has the ability of remote surveillance system that will be integrated with the web and mobile access. We have developed a prototype system and demonstrated usefulness of our approaches. In regards to speed and latency, our result analysis have shown that our anomaly and signature detection capable enough to block an attack in fast response time. |
