This lacks standard interface for the low-level interaction. The characteristic affects the portability of used can be categorized as an ordinary system that can be used to detect only a known or ungeneralised set of users. The main drawback lies in the fact that the system cannot be generalized. The system acts as a subsystem of the firewall itself.  The system contains the details of the intruder, which is then forwarded to the firewall.

Network Intrusion Detection System Home Page


The system has no access to the data in the packets. The existing system only checks with the IP address of the arriving packets. It is possible to identify the intruder with the IP address and not with the contents of the packet. It sometimes happens that the data arrive with data that has the capability of hacking the information from the network. This is possible using certain keywords. The existing system fails to detect such intrusion. The existing system is a faster one as far as the performance is considered.

Network Intrusion Detection System details

Network Intrusion Detection System Data Flow Diagrams


The most important feature of the system is that the system can generalize the type of intrusion. Large amount of checking has to be done in the packets with the data stored in the adaptive model database.

Software Configuration:

FRONT END:           VB.NET


The output forms are: –

Intruder details display Form.

Adaptive modal display Form.

IP request Form.

Port scanning Form.

Ping Machine Form

TCP sniffing Form.

UDP sniffing Form.

All packet sniffing Form

Packet Detection Form

Data Mining Form

Active Machine Form

Instance Management Form

Instant Message Form

Reports Form.

Input forms are: –

Login Form.

Change Security Form.

Intruder registration Form.

Intruder alteration Form.

Adaptive modal registration Form.

Adaptive modal modification Form.

Locking Form.


The project ‘Network Intrusion Detection System’ is meant for providing security to a system by forwarding the validated packet details to the firewall.

The current system has four modules.

Registration     : To register intruders and data model details.

Sensor : For capturing raw data packets.

Detector          : Detection of the intruder packet and forwarding packets to the firewall for blocking.

Options           : Monitoring certain system details by the administrator.

The administrator, who is the only user, can monitor all the network traffic that is the packets arriving into the network filtering the protocol type that is whether the packet is TCP or UDP. The administrator can also find out which all are the intruder packets and can forward the message for blocking the packets to the firewall.

Considering the current trends and the developments the future might offer, this is a secure system with a promising bright future in the coming networking era.

Detection Details


Table number            :           1

Title                            :           Administrator Login

Table Name               :           Login

Description                 :           The table stores in the login user ID and the password for the authorization checking. It is used both during login and locking.

Constraint                  :           The user ID is the primary key.

Field name Type Length Description
Username Varchar 25 User Identification
Password Varchar 25 User Password

Table Number           :           2

Title                            :           Intruder Registration Details

Table name                :           Intruder

Description                 :           The details of already known intruders

Constraints                :           The int code is the primary key, IP address not null.

Field Name Type Length Description
Intcode Numeric 9 Intruder Code
Ipaddress Varchar 25 Ip Address
Intdesc Varchar 25 Intruder Description
Regdate DateTime 8 Registration Date
Starttime DateTime 8 Start Time
Endtime DateTime 8 End Time

Table number            :           3

Title                            :           Adaptive Model Table

Table name                :           Modal

Description                 :           The Adaptive model is created and stored

Constraints                :           The modcode is the primary key

Field name Type Length Description
Modcode Numeric 9 Model Code
Regdate DateTime 8 Registration date
Pattern Varchar 200 Model Pattern

Table Number           :           4

Title                            :           The Intrusion block details

Table name                :           Detection

Description                 :           The packets detected of intrusion are stored here.

Constraints                :           The Detipaddr  is the primary key 

Field name Type Length Description
Detipaddr Varchar 25 Detected IP Address
Detdate DateTime 8 Detection Date
Dettime DateTime 8 Detection Time
Protocol Varchar 10 Protocol
Dettype Varchar 25 Detection Type