Network Denial of Service Defense System (nDos)

Denial of Service attacks are widespread in the virtual world as a malicious act that can have a huge impact on system performance and finances. The Network Denial of Service Defense System is an extension of an intrusion detection system that incorporates detection and pre...

Bibliographic Details
Main Author: Zulkifli, Muhd.
Format: Final Year Project
Language: English
Published: Universiti Teknologi PETRONAS 2007
Subjects:
Online Access: http://utpedia.utp.edu.my/9842/1/2007%20Bachelor%20-%20Network%20Denial%20Of%20Service%20Defense%20System.pdf
http://utpedia.utp.edu.my/9842/
id my-utp-utpedia.9842
record_format eprints
spelling my-utp-utpedia.98422017-01-25T09:45:58Z http://utpedia.utp.edu.my/9842/ Network Denial of Service Defense System (nDos) Zulkifli, Muhd. T Technology (General) Universiti Teknologi PETRONAS 2007-01 Final Year Project NonPeerReviewed application/pdf en http://utpedia.utp.edu.my/9842/1/2007%20Bachelor%20-%20Network%20Denial%20Of%20Service%20Defense%20System.pdf Zulkifli, Muhd. (2007) Network Denial of Service Defense System (nDos). Universiti Teknologi PETRONAS. (Unpublished)
institution Universiti Teknologi Petronas
building UTP Resource Centre
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Petronas
content_source UTP Electronic and Digitized Intellectual Asset
url_provider http://utpedia.utp.edu.my/
language English
topic T Technology (General)
spellingShingle T Technology (General)
Zulkifli, Muhd.
Network Denial of Service Defense System (nDos)
description Denial of Service attacks are widespread in the virtual world as a malicious act that can have a huge impact on system performance and finances. The Network Denial of Service Defense System (nDos) is an extension of an intrusion detection system that incorporates detection and prevention capabilities. The architecture of nDos is based on a NIPS, which is placed inline on the network, statefully analyzing packet content, blocking certain packets that match a signature and alerting on others. NIPS protection is based on the content of packets. The system loads a large array of signatures. These signatures take the form of a string of data characteristic of some particular type of attack. When a data packet enters the network, the IDS/IPS examines that data against its database of signatures. If the data match, then the IDS/IPS takes appropriate action. In the case of an IDS, the intrusion attempt will be logged, whereas, in the case of an IPS, the system can drop the data packet, or even sever the offending machine's connection. nDos provides a web interface for data retrieval and manipulation. The front-end of the system is based on PHP/MySQL, so it can provide statistical analysis from a managerial point of view. The back-end of nDos uses snort_inline as the detection engine and the iptables firewall as the traffic prevention mechanism. Once an attack is launched, nDos logs the incident based on its rules and configuration, and iptables or a generic firewall determines the traffic state, whether to accept or drop the connection. Predefined threshold values are important for DoS attacks, where a large number of traffic connections is generated; when the value is exceeded, the detection engine can identify such an attack. nDos is targeted at educational use and small-to-medium-sized enterprises because only commercial IPS solutions are available in the market.
Portability and compatibility are an issue; as a future recommendation, Live CD features could be implemented to provide high compatibility regardless of the OS.
format Final Year Project
author Zulkifli, Muhd.
author_facet Zulkifli, Muhd.
author_sort Zulkifli, Muhd.
title Network Denial of Service Defense System (nDos)
title_short Network Denial of Service Defense System (nDos)
title_full Network Denial of Service Defense System (nDos)
title_fullStr Network Denial of Service Defense System (nDos)
title_full_unstemmed Network Denial of Service Defense System (nDos)
title_sort network denial of service defense system (ndos)
publisher Universiti Teknologi PETRONAS
publishDate 2007
url http://utpedia.utp.edu.my/9842/1/2007%20Bachelor%20-%20Network%20Denial%20Of%20Service%20Defense%20System.pdf
http://utpedia.utp.edu.my/9842/