ABSTRACT
In recent times, securing computer networks has become a necessity because of the high influx of perpetrators using the internet for malicious purposes. These perpetrators have caused systems and their users to lose confidential information for the perpetrators' own benefit. This work aims at providing a solution to the problem of data intrusion. The research project is specific to protection against web data intrusion, i.e. intrusion on data that is stored on different websites or web applications.
The intrusion detection and prevention system makes use of an Artificial Neural Network (ANN) that adopts a pattern matching algorithm, which compares the current state of the system with the normal state. The Agile System Development Life Cycle (SDLC) was used in the development of the system. For the pattern matching, rules such as back-door penetration, brute-force attack on password/username, SQL injection and XSS injection were embedded in the system.
The developed system was tested on two different web applications, and it successfully detected and prevented intrusions based on the rules that were defined by the Neural Network Intrusion Detection and Prevention System (NNIDPS).
TABLE OF CONTENTS
List of Figures
Abstract
Chapter 1: Introduction
1.1 Background of the Study
1.2 Statement of the Problem
1.3 Aim and Objectives
1.4 Methodology
1.5 Scope of Study
1.6 Significance of the Study
1.7 Organization of Subsequent Chapters
Chapter 2: Literature Review
2.1 Introduction
2.2 The Web and its analysis
2.2.1 The Web in relation to Computer Security and Artificial Intelligence
2.3 Intrusion Detection and Prevention Systems
2.3.1 Events that can be detected by an IDS/IPS
2.3.2 Phases of Intrusion Detection and Prevention System
2.3.3 Examples of popular IDP systems
2.3.3.1 Snort
2.3.3.2 Suricata
2.4 Neural Networks as an aspect of AI
2.4.1 Paradigms of Learning in Neural Networks
2.4.2 Popular algorithms used to implement neural networks
2.4.3 Other implementations of neural networks
2.4.3.1 Facial recognition implementation
2.4.3.2 Speech recognition implementation
2.4.3.3 Fingerprint identification systems
2.4.3.4 Mobile robot motion
2.5 Review of related works
2.5.1 NNIDP implementation according to attacks
2.5.2 Anomaly neural network intrusion detection reviews
2.5.3 Neural network intrusion detection with fuzzy clustering
2.5.4 Neural network intrusion detection implementations with new algorithms
2.5.5 Implementation of NNs with other AI fields in intrusion detection
2.5.6 NNIDP implementation using back-propagation, SOMs, perceptron
2.6 Summary
Chapter 3: Methodology
3.1 Introduction
3.2 Software Development Model
3.3 System and User Requirements
3.3.1 Functional Requirements
3.3.2 Non-Functional Requirements
3.3.3 User Requirements
3.4 Software Development tools
3.4.1 MySQL Database
3.4.2 Apache Tomcat
3.4.3 Programming Languages
3.5 System Description
3.6 System Diagrams i.e. Use case, Activity, ER diagram
3.6.1 Use case Model
3.6.2 Data Flow Diagram
3.6.3 Activity Diagram
3.6.4 Flowchart
3.6.5 ER Diagram
3.6.6 Database Structure
Chapter 4: System Design, Implementation and Testing
4.1 Introduction
4.2 System Requirement and Specification
4.2.1 Software Requirement
4.2.2 Hardware Requirement
4.2.3 Software Specifications
4.2.4 Hardware Specifications
4.3 System Deployment
4.3.1 Setting up the Wamp server
4.3.2 Deploying the Application
4.4 NNIDPS Operation
4.5 System Execution
4.5.1 The Home Page
4.5.2 The Register Page
4.5.3 The Login Page
4.5.4 The Admin Page
4.5.5 The Client Page
4.6 System Testing
Chapter 5: Summary, Conclusion & Recommendations
5.1 Summary
5.2 Conclusion
5.3 Recommendations
References
Appendix
CHAPTER ONE
INTRODUCTION
1.1 BACKGROUND OF THE STUDY
With the presence of information technology in this age, data can be stored, manipulated, transferred and processed, but there are also agents that want to make use of the data with negative intentions. Intrusions usually occur when an attacker gains unauthorised access to a valid user's account so as to perform malicious deeds while masquerading as the real user. In order to prevent this, it is advisable to employ intrusion detection and prevention systems. An intrusion detection and prevention system can be software and/or hardware that monitors a system or a network of systems for any malicious activity. An intrusion detection and prevention system has two different functions: prevention and detection. Prevention is the act of avoiding the intrusion, while detection is observing any malicious activity that is present in a system.
Examples of intrusions include attempted break-ins and masquerade attacks, in which an attacker uses a fake identity to gain unauthorised access to private computer information through legitimate access identification. They are usually detected by atypical behaviour profiles or violations of security constraints. This is an example that falls under anomaly-based intrusion detection. Another example is the penetration of security control systems. This can be an unauthorised simulated attack on a computer system that looks for security weaknesses, potentially gaining access to the system's features and data. It can be detected by monitoring for specific patterns of activity. Leakage is another example of intrusion; it happens when a system reveals some information to unauthorised parties. It can be detected by atypical use of system resources. Malicious software is also an intrusion that should be avoided; it can be any software used to disrupt computer operations, gather information or gain access to private systems. It is detected by atypical behaviour profiles, violations of security constraints or the use of special privileges.
There are two methods of intrusion detection. The first is misuse-based intrusion detection, which is also known as knowledge-based detection (Devikrishna et al., 2013). It searches for activities that are similar to known signatures of intrusions. It flags the activities that match these signatures as abnormal and treats any other activity in the system as normal. Its greatest advantage is its low rate of false positives, but it is unable to detect unknown attacks; it can only detect attacks whose pattern is already known to the system. The second method is anomaly-based intrusion detection, which is also known as behaviour-based detection (Devikrishna et al., 2013). It detects intrusions by searching for any abnormal network traffic. It is the opposite of misuse-based detection in the sense that, rather than describing abnormal activities, it learns what normal activity looks like and treats any other activity as abnormal. It is very good at detecting unknown attacks, i.e. it doesn't need prior knowledge of the attack, but it has a high rate of false positives.
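The trade-off between the two methods can be seen by running both over the same inputs. The following is an added example, not code from the project: the signature patterns, the two features, the threshold and all sample values are constructed for illustration.

```python
import re
from statistics import mean, pstdev

# Misuse (knowledge-based) side: signatures of known attacks.
# Constructed patterns for illustration, not the thesis's rule set.
SIGNATURES = {
    "sql_injection": re.compile(r"['\"]\s*(or|and)\s+\d+\s*=\s*\d+|union\s+select", re.I),
    "xss": re.compile(r"<\s*script|javascript:", re.I),
}

def misuse_detect(value):
    """Names of matching signatures; an empty list means 'treated as normal'."""
    return [name for name, rx in SIGNATURES.items() if rx.search(value)]

def features(value):
    """Length and share of non-alphanumeric characters."""
    special = sum(not c.isalnum() for c in value)
    return (len(value), special / max(len(value), 1))

class AnomalyDetector:
    """Anomaly (behaviour-based) side: learn normal, flag everything else."""
    def __init__(self, normal_values, threshold=3.0):
        cols = list(zip(*(features(v) for v in normal_values)))
        self.mu = [mean(c) for c in cols]
        self.sigma = [pstdev(c) or 1.0 for c in cols]  # avoid division by zero
        self.threshold = threshold

    def is_anomalous(self, value):
        z = [abs(x - m) / s for x, m, s in zip(features(value), self.mu, self.sigma)]
        return max(z) > self.threshold

# Constructed sample data: usernames seen during normal operation.
NORMAL = ["alice", "bob42", "carol", "dave_k", "eve", "frank7", "grace", "heidi99"]
# Constructed test inputs, labelled with what they really are.
SAMPLES = {
    "known_sqli": "' OR 1=1 --",
    "known_xss": "<script>alert(1)</script>",
    "unknown_oversized": "A" * 300,  # no signature describes this input
    "benign_unusual": "o'neil-smith.jr@example.org",
    "benign_typical": "mallory",
}

def compare():
    """Return {label: (misuse_hits, anomaly_flag)} for every sample."""
    anomaly = AnomalyDetector(NORMAL)
    return {k: (misuse_detect(v), anomaly.is_anomalous(v)) for k, v in SAMPLES.items()}

if __name__ == "__main__":
    for label, (hits, flag) in compare().items():
        print(f"{label:18} misuse={str(hits or 'normal'):<20} anomaly={flag}")
```

The oversized input passes the signature check but is caught by the learned profile, while the unusual but legitimate address is flagged only by the anomaly detector, which is the false positive the paragraph above describes.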
There are several intrusion detection and prevention systems, but this research will focus on developing a Neural Network Intrusion Detection and Prevention (NNIDP) system. A neural network is an imitation of the connection of the human brain with the nerve cells of the body. The adoption of a neural network makes intrusion detection systems more efficient. An NNIDP can be trained to learn patterns in a system so as to detect intrusions by recognizing patterns of intrusions, thereby preventing them. There are three steps involved in making a neural network: pre-process the data, train the network and test the data (Om & Sarkar, 2010).
1.2 STATEMENT OF THE PROBLEM
The presence and activities of intruders who forcefully gain access to highly classified and private information, especially information stored in databases, have rapidly increased over time as a result of technological growth. To curb this, intrusion detection and prevention systems have been developed to detect and prevent intruders who might jeopardize system efficiency through intrusion. The pattern recognition and machine learning abilities of the Artificial Neural Network have brought about advanced IDPS which can effectively detect and prevent intruders. Thus there is a need to develop an advanced Artificial Neural Network Intrusion Detection and Prevention System for combatting intrusions effectively.
1.3 AIM AND OBJECTIVES
The aim of this research is to develop an Intrusion Detection and Prevention System that uses a Neural Network model for the detection and prevention of web attacks. The specific objectives are to:
1. Survey web attack methods so as to identify intrusion attempts and aid their effective detection.
2. Design an intrusion detection and prevention system as third-party security software to enhance the intrusion detection and prevention process.
3. Develop a robust database that will keep records of intrusion attempts and identify the source, thereby preventing the intruders from gaining further access.
4. Implement neural network technology in the Intrusion Detection System so as to effectively enhance the system.
1.4 METHODOLOGY
To achieve the set objectives, the following methodology will be adopted.
1. An extensive literature review will be done so as to determine up-to-date intrusion attacks and attempts, and also to acquire suitable tools for developing the IDPS.
2. Software development tools like Java Server Pages (JSP), Apache Tomcat, CSS, HTML, and Bootstrap will be used to develop and implement the Intrusion Detection and Prevention System (IDPS).
3. MySQL DBMS will be used to develop the database.
4. The pattern matching algorithm will be adopted in the development of the Neural Network in the IDPS.
1.5 SCOPE OF STUDY
The system will be limited to the detection of web attacks and will only implement pattern matching as the neural network algorithm. The research work will not cover other types of intrusion attacks, neither will it cover other ANN algorithms.
1.6 SIGNIFICANCE OF THE STUDY
The successful completion of this project will:
1. Add to the already existing solutions for preventing intrusions.
2. Improve the security of data, especially data acquired from websites.
3. Highlight diverse web attacks and possible ways of tackling them.
4. Prove that a pattern matching algorithm can effectively detect and prevent intrusions.
1.7 ORGANIZATION OF SUBSEQUENT CHAPTERS
Chapter one is the introduction to the project. It highlights what the project is about and what will be done in subsequent chapters.
Chapter two is the literature review, which will discuss the related works, shed more light on IDPS, explain ANN and web attacks, and discuss different neural network algorithms.
Chapter three is the methodology. It will contain the analysis of the system, the design methodology, and the system specifications and requirements.
Chapter four is the design and implementation of the system. It contains all the information about the system, screenshots of the system, and a description of how the system functions and how it is tested.
Chapter five is the summary, conclusion and further recommendations. It gives a summary of the entire project and also some recommendations.