ITEC 6620: Information and Systems Security NIDS Report

Verified

Added on 2022/12/23

AI Summary

This report provides an in-depth analysis of Network Intrusion Detection Systems (NIDS), crucial for network and system security. It begins with an introduction to NIDS, emphasizing their role in protecting against various attacks. The report then delves into the limitations of network-based defensive tools, such as blind sensors and the challenges of handling numerous simultaneous attacks, and suggests solutions like the N-Map procedure. It outlines various system vulnerabilities, including privilege elevation, SQL injection, unauthorized data access, URL manipulation, and data manipulation techniques. Furthermore, the report examines vulnerabilities in attacking tools like Hacker-combat Network security scanner, OpenVas, Nexpose Community, Nikto, Tripwire IP260, Wireshark, and Nessus Professional. The discussion extends to the attack surface of the OS, emphasizing the importance of minimizing the surface area to maintain security. The report concludes by highlighting the significance of NIDS in protecting personal and professional networks, drawing parallels to real-life security measures. The references include relevant research papers and publications.

Running head: INFORMATION AND SYSTEMS SECURITY
INFORMATION AND SYSTEMS SECURITY
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
INFORMATION AND SYSTEMS SECURITY
Introduction
The NIDS or the network intrusion detection system is actually the method of the
security management of the network or system. An anti-threat programme or software are
installed in the system of a specific purpose. The outside and the network both are handled by
these techniques. The aim of the report is to explain the system properly with the required
key points with the given scenario properly. The system is used for the protection, all of the
faults, limitation, vulnerabilities and attack techniques also discussed properly (Javaid et
al.,2016).
Description
There are several points needed to discuss the network intrusion detection system
properly:
 Limitation of network base defensive tools:
o In the network intrusion detection system, the packets can be handled through
the network. Then it can be said that the system will create a problem if the
attacker will send a malicious programme through the links. So it is one of the
biggest problems which can be said as a blind sensor. The next problem is the
administrator has to check the proper attack between a large number of
simultaneous attacks. It will accrue huge amount of space. The solution is to
use the N-Map procedure to decoy it. The nature of the detection which is
used in network intrusion system is one of the disadvantages of the network
problems (Hodo et al.,2016). Dental of service is used to complete this process
if the attacker chose the network host properly; then the NIDS may crash
(attack type is TCP/IP stack attack).
 Techniques of system vulnerabilities:

2
INFORMATION AND SYSTEMS SECURITY
o There are several techniques needed to discuss: Privilege Elevation: In this
type of attack, the hacker will try to take the privilege for the higher level in
the target system. After that the hacker will send the code for the entire system
attack. SQL injection: Malicious SQL codes are sent to the targeted server
account. After that the web application used to hack the system. Unauthorized
Data Access: In a specific application, this unauthorised attack has been done.
If the attack will be placed successfully then data fetching, client
authentication hacking and data monitoring access can be done by the hackers
(Sahita 2016). URL manipulation: It has been done through URL query attack.
The client server information may be licked through this. DATA
Manipulation: The hacker will use the HTML page for this procedure. Then
the data of the target account may be changed by the hacker and it will create a
headache of the website owner (Aljawarneh, Aldwairi and Yassein 2018).
 Vulnerabilities in attacking tools:
Several tools are used in these cases. Those main tools are Hacker-combat
Network security scanner: It is a cloud based network security tools used to
prevent the virus as well as the malware.
1. OpenVas: It is one of the vulnerability scanner tools. The framework is
one of the powerful framework scanning tools which will use for the
management solution.
2. Nexpose Community: It is used in small organizations. It is a free and
single used vulnerable tool. The operating system, network and the web
database are managed by this software properly.
3. Nikto: It is one of the popular web scanners. Web server, virtual host and
the web sites are managed by the Nikto properly. Tripwire IP260: It is

3
INFORMATION AND SYSTEMS SECURITY
one of the audit enforcing solution which will help to provide the solution
properly. These operations manage term and functionality both.
4. Wireshark: It is used to check the network packets properly. Many times
the network packets will be infected by the attackers. So these tools will
analyse and remove that infected one.
5. Nessus Professional: It is mainly used in the organization to prospect the
laptop. Various collaboration attack and the vulnerability attack will be
detected and removed by it (Kang and Kang.,2016).
 Attack Surface of the OS:
o The attack surface is the mainly used software environment where the
attacker will try to inject a malicious programme to affect the system. The
target is to keep small the surface where the basic security should be
maintained properly. First, the system has to visualize by mapping what is
happening with the attacks. Proper protection is needed with IOE (Tang et
a.,2016 ). The visualization with the mapping is needed to scan the indicators
of the exposers. The indicators have to be detected where the attacking has
been done already.
Conclusion
Comparing with the real-life situation; an unusual attack should be stopped in their
own house if anyone wants to break the lock. Like this way detection system of network, the
intrusion is the way to protect the system and network from the various attack. As per the
various attacks the personal and professional network will be affected hugely. That is why
like an alarm; an indicator should be placed in the system. If the attack has been detected in
the mapping; the indicator will inform the system.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
INFORMATION AND SYSTEMS SECURITY

5
INFORMATION AND SYSTEMS SECURITY
Conclusion
Aljawarneh, S., Aldwairi, M., & Yassein, M. B. (2018). Anomaly-based intrusion detection
system through feature selection analysis and building hybrid efficient model. Journal
of Computational Science, 25, 152-160.
Hodo, E., Bellekens, X., Hamilton, A., Dubouilh, P. L., Iorkyase, E., Tachtatzis, C., &
Atkinson, R. (2016, May). Threat analysis of IoT networks using artificial neural
network intrusion detection system. In 2016 International Symposium on Networks,
Computers and Communications (ISNCC) (pp. 1-6). IEEE.
Javaid, A., Niyaz, Q., Sun, W., & Alam, M. (2016, May). A deep learning approach for
network intrusion detection system. In Proceedings of the 9th EAI International
Conference on Bio-inspired Information and Communications Technologies
(formerly BIONETICS) (pp. 21-26). ICST (Institute for Computer Sciences, Social-
Informatics and Telecommunications Engineering).
Kang, M. J., & Kang, J. W. (2016). Intrusion detection system using deep neural network for
in-vehicle network security. PloS one, 11(6), e0155781.
Sahita, R. L. (2016). U.S. Patent No. 9,270,643. Washington, DC: U.S. Patent and Trademark
Office.

6
INFORMATION AND SYSTEMS SECURITY
Tang, T. A., Mhamdi, L., McLernon, D., Zaidi, S. A. R., & Ghogho, M. (2016, October).
Deep learning approach for network intrusion detection in software defined
networking. In 2016 International Conference on Wireless Networks and Mobile
Communications (WINCOM) (pp. 258-263). IEEE.