This lacks standard interface for the low-level interaction. The characteristic affects the portability of used can be categorized as an ordinary system that can be used to detect only a known or ungeneralised set of users. The main drawback lies in the fact that the system cannot be generalized. The system acts as a subsystem of the firewall itself. The system contains the details of the intruder, which is then forwarded to the firewall.
The system has no access to the data in the packets. The existing system only checks with the IP address of the arriving packets. It is possible to identify the intruder with the IP address and not with the contents of the packet. It sometimes happens that the data arrive with data that has the capability of hacking the information from the network. This is possible using certain keywords. The existing system fails to detect such intrusion. The existing system is a faster one as far as the performance is considered.
The most important feature of the system is that the system can generalize the type of intrusion. Large amount of checking has to be done in the packets with the data stored in the adaptive model database.
FRONT END: VB.NET
BACK END: MS SQL SERVER
The output forms are: –
Intruder details display Form.
Adaptive modal display Form.
IP request Form.
Port scanning Form.
Ping Machine Form
TCP sniffing Form.
UDP sniffing Form.
All packet sniffing Form
Packet Detection Form
Data Mining Form
Active Machine Form
Instance Management Form
Instant Message Form
Input forms are: –
Change Security Form.
Intruder registration Form.
Intruder alteration Form.
Adaptive modal registration Form.
Adaptive modal modification Form.
The project ‘Network Intrusion Detection System’ is meant for providing security to a system by forwarding the validated packet details to the firewall.
The current system has four modules.
Registration : To register intruders and data model details.
Sensor : For capturing raw data packets.
Detector : Detection of the intruder packet and forwarding packets to the firewall for blocking.
Options : Monitoring certain system details by the administrator.
The administrator, who is the only user, can monitor all the network traffic that is the packets arriving into the network filtering the protocol type that is whether the packet is TCP or UDP. The administrator can also find out which all are the intruder packets and can forward the message for blocking the packets to the firewall.
Considering the current trends and the developments the future might offer, this is a secure system with a promising bright future in the coming networking era.
Table number : 1
Title : Administrator Login
Table Name : Login
Description : The table stores in the login user ID and the password for the authorization checking. It is used both during login and locking.
Constraint : The user ID is the primary key.
Table Number : 2
Title : Intruder Registration Details
Table name : Intruder
Description : The details of already known intruders
Constraints : The int code is the primary key, IP address not null.
Table number : 3
Title : Adaptive Model Table
Table name : Modal
Description : The Adaptive model is created and stored
Constraints : The modcode is the primary key
Table Number : 4
Title : The Intrusion block details
Table name : Detection
Description : The packets detected of intrusion are stored here.
Constraints : The Detipaddr is the primary key
|Detipaddr||Varchar||25||Detected IP Address|