Students:
Johnny Aquino, Graduate Candidate, Masters in Information Technology and Management
Ashok Bhojwani, Graduate Candidate, Masters in Information Technology and Management
Jeremy Hajek, Graduate Candidate, Masters in Information Technology and Management
Rajesh Patel, Graduate Candidate, Masters in Information Technology and Management
Faculty:
Bill Lidinsky, Alva C. Todd Professor and Assistant Director of Information
Technology And Management
Project:
A Network Security System that monitors both wired and wireless networks within
the boundaries of Rice IIT Campus. The system provides automated alerting and
is coupled with another system, GRATIS, that graphically identifies the source
and location of the malicious traffic.
Outcome:
NIDS extends the capabilities of existing network monitoring by joining multiple
IDS (Intrusion Detection System) detectors that sense events causing anomalies
in the campus network. These detectors report to a central server that manages
all the resources. Each detector runs Snort, which performs pattern matching
on data packets: it looks for signatures of well-known attack patterns,
performs real-time analysis, and logs alerts to the central database
for further examination. In addition to Snort, the central IDS server uses a
MySQL database, an Apache web server, a customized console called ACID (Analysis
Console for Intrusion Databases), an alerting tool called Swatch, plus other
supporting programs.
The system is currently in use and has been able to detect anomalies and misuses such as illegal use of P2P file sharing, SMTP email relays, and many types of Trojan and worm attacks.
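The sensor-to-central-server flow described above can be sketched as follows. This is an added example, not the project's own code: an in-memory SQLite table stands in for the central MySQL database, and the sensor names, watch patterns, rule messages and SIDs are constructed assumptions.

```python
import re
import sqlite3

# Snort "fast" alert layout: ts [**] [gid:sid:rev] msg [**] ... {PROTO} src -> dst
FAST = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[\d+:(?P<sid>\d+):\d+\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r"\s+.*?\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+)(?::\d+)?\s+->\s+(?P<dst>[\d.]+)(?::\d+)?\s*$")

# Swatch-style watch list (hypothetical patterns): first match sets the category.
WATCH = [(re.compile(r"\bP2P\b", re.I), "p2p"),
         (re.compile(r"SMTP.*relay", re.I), "smtp-relay"),
         (re.compile(r"trojan|worm", re.I), "malware")]

# Constructed (sensor, line) pairs; SIDs are made-up local-rule numbers.
SAMPLE = [
    ("wired-1", "04/07-10:15:32.101000 [**] [1:1000001:1] LOCAL P2P handshake [**] [Priority: 2] {TCP} 10.0.1.15:51234 -> 192.0.2.8:6881"),
    ("wifi-2", "04/07-10:15:40.552000 [**] [1:1000001:1] LOCAL P2P handshake [**] [Priority: 2] {TCP} 10.0.1.15:51240 -> 192.0.2.9:6881"),
    ("wired-1", "04/07-10:16:02.007000 [**] [1:1000002:1] LOCAL SMTP relay attempt [**] [Priority: 2] {TCP} 10.0.2.40:40211 -> 198.51.100.25:25"),
    ("wifi-2", "04/07-10:16:09.310000 [**] [1:1000003:1] LOCAL ICMP echo sweep [**] {ICMP} 10.0.3.7 -> 10.0.1.1"),
    ("wired-1", "snort: reloading rules"),  # not an alert line; must be rejected
    ("wired-1", "04/07-10:17:45.900000 [**] [1:1000001:1] LOCAL P2P handshake [**] [Priority: 2] {TCP} 10.0.1.15:51260 -> 192.0.2.8:6881"),
]

def ingest(db, sensor, line):
    """Store one sensor alert centrally; return False if the line is not an alert."""
    m = FAST.match(line)
    if not m:
        return False
    cat = next((c for rx, c in WATCH if rx.search(m["msg"])), "other")
    db.execute("INSERT INTO event VALUES (?,?,?,?,?)",
               (sensor, m["ts"], int(m["sid"]), cat, m["src"]))
    return True

def escalations(db, min_events=2):
    """Watched-category sources with repeated alerts: (category, src, events, sensors)."""
    return db.execute(
        "SELECT category, src, COUNT(*), COUNT(DISTINCT sensor) FROM event "
        "WHERE category != 'other' GROUP BY category, src "
        "HAVING COUNT(*) >= ? ORDER BY COUNT(*) DESC", (min_events,)).fetchall()

def run_sample():
    db = sqlite3.connect(":memory:")  # stand-in for the central MySQL database
    db.execute("CREATE TABLE event (sensor, ts, sid, category, src)")
    stored = sum(ingest(db, s, l) for s, l in SAMPLE)  # count of accepted alerts
    return db, stored

if __name__ == "__main__":
    db, stored = run_sample()
    print(stored, "stored;", escalations(db))
```

Grouping by source across sensors shows the benefit of central collection: the same host reported by both the wired and the wireless detector appears as one escalation rather than two unrelated alerts.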
All software used for this project is either freeware or shareware.
The project was presented at the Computer and Network Security Workshop on April 7, 2005 and to the Institute of Electrical and Electronics Engineers (IEEE) on May 12, 2005 as part of an IEEE student colloquium.