CFP last date
22 April 2024
Reseach Article

Intrusion Detection on Campus Network, the Open source approach: Accra Technical University Case Study

by Victor Gbedawo, Komi Agbesi, Theophilus Adukpo
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 164 - Number 6
Year of Publication: 2017
Authors: Victor Gbedawo, Komi Agbesi, Theophilus Adukpo
10.5120/ijca2017913664

Victor Gbedawo, Komi Agbesi, Theophilus Adukpo . Intrusion Detection on Campus Network, the Open source approach: Accra Technical University Case Study. International Journal of Computer Applications. 164, 6 ( Apr 2017), 20-27. DOI=10.5120/ijca2017913664

@article{ 10.5120/ijca2017913664,
author = { Victor Gbedawo, Komi Agbesi, Theophilus Adukpo },
title = { Intrusion Detection on Campus Network, the Open source approach: Accra Technical University Case Study },
journal = { International Journal of Computer Applications },
issue_date = { Apr 2017 },
volume = { 164 },
number = { 6 },
month = { Apr },
year = { 2017 },
issn = { 0975-8887 },
pages = { 20-27 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume164/number6/27488-2017913664/ },
doi = { 10.5120/ijca2017913664 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:10:34.953961+05:30
%A Victor Gbedawo
%A Komi Agbesi
%A Theophilus Adukpo
%T Intrusion Detection on Campus Network, the Open source approach: Accra Technical University Case Study
%J International Journal of Computer Applications
%@ 0975-8887
%V 164
%N 6
%P 20-27
%D 2017
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The computer network security landscape in recent times has become a crucial area in computer networking for both network administrators and network users such that, a compromise of this network security makes the services it provides and more importantly the data it holds, highly susceptible to exploits by malicious people for different purposes and reasons. This is particularly so for campus networks in view of the fact that, they do not only provide services to promote academic work directly but in many ways are integrated into the administrative setup of the institutions they serve. This research therefore seeks to investigate the security threats and vulnerabilities of campus networks and systems to a great extent, so as to propose interventions to resolving these threats, vulnerabilities and exploits, so as to improve the security of these networks by conducting a penetration test that simulates Intrusion Detection employing free and open source software (FOSS) tools. The research adopted “Cloppert’s kill chain” Approach to Penetration Testing. The elements of the simulation included the following FOSS tools VMware Fusion (Operating System simulator), Zentyal Server (unified network server), Snort (Intrusion Detection System), Suricata (Intrusion Prevention System), Nmap (Network scanning), OpenVAS (Vulnerability Assessment Software) and Metasploit Framework (Exploitation tool). Results of the simulation revealed injection flaws to be the prevalent security vulnerability that was exploited and hence, discussed to improve computer network and application security in a rather cost effective fashion.

References
  1. Bragg, R., Phodes-Ousley, M., & Strassberg, K. (2004). Network Security: The complete Reference. McGraw-Hill/ Osborne (Vol. 53). http://doi.org/10.1017/CBO9781107415324.004
  2. White, J. S., Fitzsimmons, T., & Matthews, J. N. (2013). Quantitative analysis of intrusion detection systems: Snort and Suricata. Proceedings of SPIE, 8757, 875704. http://doi.org/10.1117/12.2015616
  3. Pathan, A. (2014). The State of the Art in Intrusion Prevention and Detection, 472. Retrieved from http://books.google.com/books?hl=en&lr=&id=o39cAgAAQBAJ&oi=fnd&pg=PP1&dq=The+State+of+the+Art+in+Intrusion+Prevention+and+Detection&ots=yD8AGesoz9&sig=rdvWXKWoK5f0UHio9n4QSJe0NB8
  4. Zentyal Documentation. 3rd June 2016. https://wiki.zentyal.org/wiki/Zentyal_Wiki
  5. Liebowitz, M., Kusek, C., & Spies, R. (2014). VMware vSphere Performance.
  6. Kennedy, D., O’Gorman, J., Kearns, D., & Aharoni, M. (2013). Metasploit the Penetration Tester’s Guide. Computers & Security (Vol. 32). http://doi.org/10.1016/j.cose.2012.09.009
  7. Beggs, R. W., Cutler, T. P., Heriyadi, D., Singh, T., Amit, K., Karpe, P., … Jones, J. (2014). Mastering Kali Linux for Advanced Penetration Testing Mastering Kali Linux for Advanced Penetration Testing Cover image. Retrieved from www.packtpub.com
  8. OWASP top 10-2013. 16 September 2016. https://www.owasp.org/images/f/f8/OWASP_Top_10_-_2013.pdf
Index Terms

Computer Science
Information Sciences

Keywords

OWASP top 10 ‘Kill Chain approach’ Zentyal server IDS/IPS OpenVAS NVT feed CVE SQL injection Denial-of-service attack Overt and Covert attacks