Next-Generation Cybertrap For Corporate Intrusion Detection and Prevention


Added on  2019-09-26

11 Pages2647 Words482 Views
Project DissertationTitle:Next-Generation Cybertrap For Corporate Intrusion Detection Servers and Intrusion Prevention Servers in Enterprise Business.

1.INTRODUCTION Cyber Trap becomes the trend setting word in the growing generations minds whowork upon a lot in the internet. This word will be more familiar for the corporate companies asthey come through such problems day-to-day basis. They make their process on the internetwhich will make their work so easier and instant. Believing on this, these crew people collectdata from internet but they were not aware of the problems which will affect them later. Due tothis access of internet, the hidden side of the internet gets wild and gains lot of profit, butlocating and targeting the small corporate companies because they don’t maintain high securityin the internet. But they do believe that they have strong security connections that no one couldenter the area and access the data. Their intention is completely wrong because Cyber trap is ahuge background trap that takes out the data from their site with ease effort. They areotherwise called as attackers of corporates who enjoy a lot in trapping and getting out the dataat at the most level. According to a recent survey, it is obvious that 96% of the business people are fooled bythe Cyber Trap method. To know about the happenings, the company brought out a idea todetect the attack made by the internet user. Then there was an emergence of processor calledhoneypots to detect the malware capture, which is placed in a corner of a network to capture theattackers. The proposed system is capable of detecting the network attacks on significantresources and to capture the malwares being spread in the network. This system consists ofvarious modules to monitor the system after knowing and understanding the basics from thehuman interaction. During the initial process of the detectors, they learn about the signature andthe behaviour of the malware. Later they were feeded with the modern executables and binaries

system which them capable to find out the malwares which harm the computing network. Thispackage checks for the malicious match to find out the harm material. Then came into charge, the Intrusion Detection module which acts more effective whichwatches out for the intrusion chances. When an attack is made, it comes into act making anattentive alarm which intends in creating a honeypot to which will be the replica of the victimresource. All the services which were running on the victim machine will be faked into thehoneypot, in case of this the attacker will redirected. But the IDS is very conscious clear thatthe redirected work should not be found out by the attacker. This additional feature of thismakes a good hype in this intrusion module detector. This even too provides a system calledsandbox, which will not harm the operation of the original resources and maintain the recordsin safe manner. There comes along an automated honeypot management system which managessuch critical circumstances. Every particular process will have a design feature which goes from initial to final stages.Such as this design is too made with five different modules namely Malware detector, Intrusiondetector, Honeypot Manager, Auditor and Backup manager. To know about the attackers, the inventors had a different methods of plan to makethe attackers attract towards their honeypots. To make this happen they made their trap bymaking the server most requested one and high ranking one which will lure more attackers. Bythat time, the initial stage which is the Malware detector checks for the incoming threatswhereas the other modules will not get into charge unless they are needed. The honeypotmanager created the honeypots for the attackers to be detected to the server, then the Auditorchecks the system for any malicious activity and in the generated logs after particular events

next comes the Backup manager who will in charge to backup the resources and honeypotswhenever necessary. 1.Malware Detector: The malware detector works with collaboration and runs independently on theinternet to detect and capture any malwares in the network. This module consists of variousfunctions, search for malwares in different ways, and later submits the result to the server forfurther research. This module too has 3 types naming fetcher, watcher and hunter. A fetcher is aservice which does cross-matching to catch any malicious files. Watcher watches the networkfor any harm file to capture. Hunter is a pre-processor which extracts Windows binaries whichcome into the network and checks them for the unwanted harm files.2. Intrusion detector: Intrusion detector is similar when compared with the Hunter detectorwhich is a pre-processor which controls the calling of other modules. Whenever there is anintrusion, the intrusion detector detects and shoots out an alert and calls other modules ifnecessary alone. The intrusion detector module has a function for log parsing, which keeps itseyes on the log for intrusion attempts. Even in this case, if a harm is detected an alarm isprovided to the administrator. The module looks for the harm, if any harm is detected, itconnects with honeypot module to create a honeypot and deal further with attacker.3. Honeypot Manager:This is one of the important module is the honeypot manager, which creates a honeypot tolocate the threats. The main function of this to create a honeypot to take out the threats by

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Project Dissertation | Next-Generation Cybertrap

Project Dissertation: Next Generation Cybertrap

Next-Generation Cybertrap For Corporate Intrusion Detection Servers and Intrusion Prevention Servers in Enterprise Business

Project Dissertation Proposal: Next Generation Cybertrap

Introduction to Network Forensics