Enhancing Intrusion Detection System Performance using Firecol Protection Services based Honeypot System

IJCA Proceedings on International Conference on Communication, Computing and Information Technology
© 2015 by IJCA Journal
ICCCMIT 2014 - Number 3
Year of Publication: 2015
Authors:
Rajalakshmi Selvaraj
Venu Madhav Kuthadi
Tshilidzi Marwala

Rajalakshmi Selvaraj, Venu Madhav Kuthadi and Tshilidzi Marwala. Article: Enhancing Intrusion Detection System Performance using Firecol Protection Services based Honeypot System. IJCA Proceedings on International Conference on Communication, Computing and Information Technology ICCCMIT 2014(3):43-48, March 2015. Full text available. BibTeX

@article{key:article,
	author = {Rajalakshmi Selvaraj and Venu Madhav Kuthadi and Tshilidzi Marwala},
	title = {Article: Enhancing Intrusion Detection System Performance using Firecol Protection Services based Honeypot System},
	journal = {IJCA Proceedings on International Conference on Communication, Computing and Information Technology},
	year = {2015},
	volume = {ICCCMIT 2014},
	number = {3},
	pages = {43-48},
	month = {March},
	note = {Full text available}
}

Abstract

Nowadays, the Internet is one of the best-known technologies for connecting computers all around the world. The development of nonstop communication creates a number of opportunities, and it also creates new possibilities for malicious users. As the size and volume of Internet and network traffic have grown, the requirement for intrusion detection has grown in step, along with the need to minimize the communication overhead required for intrusion detection and diagnosis. This growth has made public servers increasingly vulnerable to intrusions and unauthorized accesses. In addition, the major concerns of a server administrator include avoiding poor performance, keeping latency low for the user and filtering illegal accesses. System administrators therefore use honeypot systems to handle intrusions in the network. Honeypot systems are systems or decoy servers set up to gather data concerning an intruder or attacker in the network. In this research, a Firecol Protection Services based Honeypot System (FPS-HPS) is proposed to prevent and handle the various network intrusions on the Internet. The approach operates as follows: 1) the Firecol protection services identify the network intrusion; 2) the load balancer generates two types of tokens, for the intruding user as well as the authenticated user, and forwards them to the mail server; 3) the mail server sends the token key to the attacker and the original user; 4) the token verifier checks whether the received token is valid. If the token is valid, the request is forwarded to the original server; otherwise it is considered an attack and the verifier forwards the request to the honeypot system; 5) finally, the honeypot system sends irrelevant messages to the attacker. Results from the experimentally deployed system show that the proposed framework prevents intrusions more effectively than other tools or frameworks.
