Home Project-material A WEB-BASED INTRUSION DETECTION AND PREVENTION SYSTEM USING NEURAL NETWORKS

A WEB-BASED INTRUSION DETECTION AND PREVENTION SYSTEM USING NEURAL NETWORKS

Dept: COMPUTER SCIENCE File: Word(doc) Chapters: 1-5 Views: 7

Abstract

In recent times, it has become a necessity to obtain a security measure for computer networks due to the high influx of perpetrators using the internet for malicious purposes. These perpetrators have caused the system and its users to loose confidential information for their own benefit. This work aims at providing a phenomenal solution to the problem of data intrusion. The research project is specified in the protection of web data intrusion i.e. the data that is stored on different websites or web applications. The intrusion detection and prevention system makes use of an Artificial Neural Network (ANN) which adopts pattern matching algorithm that compares the current state of the system with the normal state. The Agile System Development Life Cycle (SDLC) was used in the development of the system. For the pattern matching, rules like; back door penetration, brute force attack on password/username, SQL injection and XSS injection were embedded in the system. The developed syst

CHAPTER ONE

INTRODUCTION

1.1     BACKGROUND OF THE STUDY

With the presence of information technology in this age; data can be stored, manipulated, transferred and processed but there are also some agents that want to make use of the data for negative intentions. Intrusions usually occur when unauthorized access is gained by an attacker to a valid users account so as to perform malicious deeds while masquerading as a real user. In order to prevent this, it is advisable to employ the use intrusion prevention and detection systems. An Intrusion detection and prevention system could be a software and/or a hardware that monitors a system or a network of systems against any malicious activity. An intrusion detection and prevention system has two different functions; prevention and detection. Prevention is the act of avoiding the intrusion while detection is observing any malicious activity that is present in a system.

Examples of intrusions include Attempted break-in/ Masquerade attacks which is an attack that uses fake identity to gain unauthorised access to private computer information through legitimate access identification. They are usually detected by a typical behaviour profile or violation of security constraints. This is an example under anomaly based intrusion system. Another example is the penetration of security control systems. This can be an unauthorised simulated attack on a computer system that looks for security weakness, potentially gaining access to the system’s features data. It can be detected by monitoring specific pattern of activity. Also, Leakage is another example of intrusion, this happens when a system reveals some information to unauthorised parties. It can be detected by a typical use of system resources. Malicious software are also intrusions that should be avoided, it can be any software used to disrupt computer operations, gather information and gain access to private systems. It is detected by typical behaviour profiles, violation of security constraints or the use of special privileges.

There are two intrusion detection based methods; Misuse based intrusion detection: which can also be knowledge based detection. (Devikrishna et al, 2013) It searches for activities that are similar to known signatures of intrusions.  It detects any abnormal activities and renders any other activity in the system as normal. Its greatest advantage is the presence of low false positives but it is unable to detect unknown attacks, it can only detect attacks that have a pattern in the system. The second method is the Anomaly based intrusion detection which can also be known as behaviour based detection. (Devikrishna et al, 2013) It detects by searching for any abnormal network traffic. It is the opposite of misuse based detection in the sense that rather than detecting abnormal activities, it detects normal activities and renders any other activity as abnormal. It is very good in detecting unknown attacks i.e. doesn’t need prior knowledge of the attack but it has a high rate of false positives.

There are several intrusion detection and prevention systems but this research will be focused on developing a Neural Network Intrusion Detection and Prevention (NNIDP) systems. A neural network is the imitation of the connection of the human brain with the nerve cells of the body. The adaptation of a neural network makes intrusion detection systems more efficient. An NNIDP can be trained to learn patterns in a system so as to detect intrusions by recognizing patterns of intrusions and thereby preventing them. There are three steps involved in making a neural network; pre-process the data, train the network and test the data. (Om & Sarkar, 2010)

 

1.2     STATEMENT OF THE PROBLEM

The presence and activities of intruders to forcefully gain access to highly classified and private information especially those stored on the database has rapidly increased over time as a result of technological growth. In curbing this, intrusion detection and prevention systems has been developed to detect and prevent intruders who might want to jeopardize system efficiency as a result of intrusion. The pattern recognition ability and machine learning ability of the Artificial Neural Network has brought advanced IDPS which can effectively detect and prevent intruders. Thus the need to develop an advanced Artificial Neural Network Intrusion Detection and Prevention system for combating intrusions effectively.

1.3     AIM AND OBJECTIVES

The aim of this research is to develop an Intrusion Detection and Prevention System that uses a Neural Network model for the detection and prevention of web attacks. The specific objectives are to:

  1. Survey web attack methods so as to identify intrusion attempts and aid effective detection of intrusion attempts.
  2. Design an intrusion detection and prevention system as a third party security software to enhance the intrusion detection and prevention process.
  3. Develop a robust database that will keep records of intrusion attempts and identify the source thereby preventing the intruders from gaining further access.
  4. Implement a Neural network technology on the Intrusion Detection System so as to effectively enhance the system.

 

 

1.4              METHODOLOGY

To achieve the set objectives, the following methodology will be adopted.

  1. An extensive literature review will be done so as to determine up-to-date intrusions attacks and attempts and also to acquire suitable tools in developing the IDPS.
  2. Software development tools like Java Server Pages (JSP), Apache Tomcat, CSS, HTML, and Bootstrap will be used to develop and implement the Intrusion detection and prevention System (IDPS).
  3. MySQL DBMS will be used to develop the database.
  4. The Pattern matching algorithm will be adopted in the development of the Neural Network in the IDPS.

1.5     SCOPE OF STUDY

The system will be limited to the detection of web attacks and will only implement pattern matching as the neural network algorithm. The research work will not cover other types of intrusion attacks neither will it cover other ANN algorithms.

1.6      SIGNIFICANCE OF THE STUDY

The successful completion of this project will:

  1. Add to the already existing solutions in preventing intrusions.
  2. Improve the security of data especially the ones acquired from websites.
  3. Highlight diverse web attacks and possible ways of tackling them.
  4. Prove that pattern matching algorithm can effectively detect and prevent intrusions.

 

 

1.7     ORGANIZATION OF CHAPTERS

Chapter one is the introduction to the project. It highlights what the project is about and what will be done in subsequent chapters.

Chapter two is the literature review which will discuss the related works, shed more light on IDPS, enlighten about ANN and web attacks, and discuss different neural network algorithms.

Chapter three is the methodology, it will contain the analysis of the system, the design methodology, the system specifications and requirements.

Chapter four is the design and implementation of the system, it entails all the information about the system, screenshots of the system, description of how the system functions and how it is tested.

Chapter five is the summary, conclusion and further recommendations. It gives a summary of the entire project and also some recommendations.



Recent Project Materials

Abstract There has been a meaningful contribution by researchers on this subject; public Relations. So this...
Word(doc) 1-5 3 Read More
Abstract It is obvious that Communication has gone a long way in promoting unity and formation of relevant...
Word(doc) 1-5 2 Read More
Abstract The media industry in the contemporary Nigeria is basically urban centered. This is in contrast t t...
Word(doc) 1-5 2 Read More
Abstract Technology is a very important and useful part of life, effective and appropriate use of it still n...
Word(doc) 1-5 4 Read More
View More Topics