Network Denial of Service Defense System (nDos)
Denial of Service attacks are widespread in the virtual world as a malicious act that can have a huge impact on system performance and finances. Network Denial of Service Defense System is an extension of an intrusion detection system that incorporates detection and pre...
Main Author: | |
---|---|
Format: | Final Year Project |
Language: | English |
Published: |
Universiti Teknologi PETRONAS
2007
|
Subjects: | |
Online Access: | http://utpedia.utp.edu.my/9842/1/2007%20Bachelor%20-%20Network%20Denial%20Of%20Service%20Defense%20System.pdf http://utpedia.utp.edu.my/9842/ |
id |
my-utp-utpedia.9842 |
---|---|
record_format |
eprints |
spelling |
my-utp-utpedia.98422017-01-25T09:45:58Z http://utpedia.utp.edu.my/9842/ Network Denial of Service Defense System (nDos) Zulkifli, Muhd. T Technology (General) Denial of Service attacks are widespread in the virtual world as a malicious act that can have a huge impact on system performance and finances. Network Denial of Service Defense System is an extension of an intrusion detection system that incorporates detection and prevention capabilities. The architecture of nDos is based on NIPS, where it is placed inline on the network, statefully analyzing packet content, blocking certain packets that match a signature and alerting on others. NIPS protection is based on the content of packets. The system loads a large array of signatures. These signatures take the form of a string of data characteristic of some particular type of attack. When a data packet enters the network, the IDS/IPS examines that data against its database of signatures. If the data match, then the IDS/IPS takes appropriate action. In the case of an IDS, the intrusion attempt will be logged, whereas, in the case of an IPS, the system can drop the data packet, or even sever the offending machine's connection. nDos provides a web interface for data retrieval and manipulation. The front-end of the system is based on PHP/MySQL, hence it can provide statistical analysis from a managerial point of view. The back-end of nDos uses snort_inline as the detection engine and the iptables firewall as the traffic prevention mechanism. Once an attack is launched, nDos logs the incident based on rules and configuration, and iptables or a generic firewall needs to determine the traffic state, whether to accept or drop the connection. A predefined threshold value is important for DoS attacks, where a large number of connections are generated; when the value is exceeded, the detection engine can identify such an attack.
nDos is targeted at educational use and small-to-medium-sized enterprises because only commercial IPS solutions are available on the market. Portability and compatibility are an issue; as a future recommendation, Live CD features could be implemented to provide high compatibility regardless of the OS. Universiti Teknologi PETRONAS 2007-01 Final Year Project NonPeerReviewed application/pdf en http://utpedia.utp.edu.my/9842/1/2007%20Bachelor%20-%20Network%20Denial%20Of%20Service%20Defense%20System.pdf Zulkifli, Muhd. (2007) Network Denial of Service Defense System (nDos). Universiti Teknologi PETRONAS. (Unpublished) |
institution |
Universiti Teknologi Petronas |
building |
UTP Resource Centre |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Petronas |
content_source |
UTP Electronic and Digitized Intellectual Asset |
url_provider |
http://utpedia.utp.edu.my/ |
language |
English |
topic |
T Technology (General) |
spellingShingle |
T Technology (General) Zulkifli, Muhd. Network Denial of Service Defense System (nDos) |
description |
Denial of Service attacks are widespread in the virtual world as a malicious act that
can have a huge impact on system performance and finances.
Network Denial of Service Defense System is an extension of an intrusion detection system
that incorporates detection and prevention capabilities. The architecture of nDos
is based on NIPS, where it is placed inline on the network, statefully analyzing packet
content, blocking certain packets that match a signature and alerting on others. NIPS
protection is based on the content of packets. The system loads a large array of
signatures. These signatures take the form of a string of data characteristic of some
particular type of attack. When a data packet enters the network, the IDS/IPS examines
that data against its database of signatures. If the data match, then the IDS/IPS takes
appropriate action. In the case of an IDS, the intrusion attempt will be logged, whereas, in
the case of an IPS, the system can drop the data packet, or even sever the offending
machine's connection. nDos provides a web interface for data retrieval and manipulation.
The front-end of the system is based on PHP/MySQL, hence it can provide statistical
analysis from a managerial point of view. The back-end of nDos uses snort_inline as
the detection engine and the iptables firewall as the traffic prevention mechanism. Once an attack
is launched, nDos logs the incident based on rules and configuration, and iptables
or a generic firewall needs to determine the traffic state, whether to accept or drop the
connection. A predefined threshold value is important for DoS attacks, where a large number of
connections are generated; when the value is exceeded, the detection engine can
identify such an attack. nDos is targeted at educational use and small-to-medium-sized
enterprises because only commercial IPS solutions are available on the market.
Portability and compatibility are an issue; as a future recommendation, Live CD
features could be implemented to provide high compatibility regardless of the OS. |
format |
Final Year Project |
author |
Zulkifli, Muhd. |
author_facet |
Zulkifli, Muhd. |
author_sort |
Zulkifli, Muhd. |
title |
Network Denial of Service Defense System (nDos) |
title_short |
Network Denial of Service Defense System (nDos) |
title_full |
Network Denial of Service Defense System (nDos) |
title_fullStr |
Network Denial of Service Defense System (nDos) |
title_full_unstemmed |
Network Denial of Service Defense System (nDos) |
title_sort |
network denial of service defense system (ndos) |
publisher |
Universiti Teknologi PETRONAS |
publishDate |
2007 |
url |
http://utpedia.utp.edu.my/9842/1/2007%20Bachelor%20-%20Network%20Denial%20Of%20Service%20Defense%20System.pdf http://utpedia.utp.edu.my/9842/ |
_version_ |
1739831725513506816 |
score |
13.211869 |