DSpace Repository

Computer network intrusion : detection and response

Show simple item record

dc.contributor.author Vu Ngoc Trinh en_US
dc.date.accessioned 2015-01-12T10:40:33Z
dc.date.available 2015-01-12T10:40:33Z
dc.identifier.other AIT Thesis no.CS-06-12 en_US
dc.identifier.uri http://www.cs.ait.ac.th/xmlui/handle/123456789/337
dc.description Pathum Thani, Thailand : Asian Institute of Technology, 2006 en_US
dc.description 60 p. : ill. en_US
dc.description.abstract Internet is developing with a very high speed. It brings up many benefits in many life aspects. The number of computer intrusion also increase with great speed. Hackers used various attacking techniques to intrude many important computer systems in the world such as Banks, Military, Government, Business, and Education, etc. to steal sensitive data, to delete important data, to broken the busine ss on internet (denial of service)...There are many Intrusion Detection Systems (IDS) were de veloped to detect the computer intrusions. The Intrusion Detection Systems (IDS) were clas sified into two types: Misuse (signature) and Anomaly approaches. However, up to the present, the traditional Intrusion Detection Systems only concentrates on Detection. The Response techni ques were not presented. When it detects an attack, it just sends the alerts to file or database, but does not respond automatically and cannot track down the source of the attackers. This study will improve the traditional Intr usion Detection Systems by integrating the Response Techniques into the Response Componen ts of the existing Di stributed Intrusion Detection System. The improved Intrusion Detection System wi ll has the characteristics as sniffer the packages on the network, log the packets to the database, detect the attacks and send the alerts to the file or database. The alerts which stored in the f ile or database can be accessed, analyzed and managed later by administrators . The improved Intrusion Detection System also has the ability to respond actively and au tomatically to the attacks (attacker) when they are detected. It can automatically bloc k IP address of the a ttackers, inform the administrators and automatically track down the attackers. The demo Intrusion Detection System will also be implemented as it runs on Linux operating system. It is installed on the comput er and connected to AIT computer network. It listens to the packets m oving in and out the AIT networ ks and detects the attacks. Whenever detecting an attack, it will automatically respond to the attack.
dc.relation.ispartof Thesis no. CS-06-12 en_US
dc.relation.ispartof Asian Institute of Technology. Thesis no. CS-06-12 en_US
dc.subject Computer security en_US
dc.subject Computer networks -- Security measures en_US
dc.subject Internet -- Security measures en_US
dc.title Computer network intrusion : detection and response en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse

My Account