IASP 550 Final Project
Question Description
Project Description:

Create an intrusion detection system by:
  o Detecting an attack.
  o Creating the rules for monitoring intrusions.
  o Your approach would be to minimize false alarms, and to assure that your performance overhead is "acceptable".

Identify some research issues related to the IDPS.

Some of the rules that you need to create are:
  o Detect each visit to www.google.com that is made by the machine.
  o Send an alert when an activity relating to network chat is detected.
  o Send an alert when an attempt is made for DNS Zone transfer.
  o Generate an alert when network traffic indicates that Viber is being used.
  o Alert for any packet of size > 100 bytes from the network 172.20.0.0 with SNM 255.240.0.0 destined for port 80.
  o Alert for any packet that contains the following string "Hello".
  o Generate an alert when there is an access to unauthorized sites. (You select the web sites!)

After the following attacks are performed in the Lab VM: SYN flood and MiTM attack, you should be able to react to those attacks by writing the subsequent rules:
  o Generate an alert when SYN flood happens, record the logs.
  o Block the traffic.
  o Generate an alert which detects the MiTM attack.
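The sketch below is an added example, not part of the assignment text. It evaluates three of the listed rules (the size/network/port rule, the "Hello" string rule and SYN-flood alerting) over constructed packet records. The packet field names, alert names and the SYN threshold are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque

# The assignment gives 172.20.0.0 with mask 255.240.0.0. That address has host
# bits set under a /12 mask, so strict=False normalises it to 172.16.0.0/12
# (strict=True would raise ValueError).
SRC_NET = ipaddress.ip_network("172.20.0.0/255.240.0.0", strict=False)
SYN_LIMIT, SYN_WINDOW = 5, 1.0  # assumed: more than 5 bare SYNs in 1 second per target

def evaluate(packets):
    """Return (timestamp, alert_name) tuples for a list of packet dicts."""
    alerts, syn_times, flooding = [], defaultdict(deque), set()
    for p in packets:
        # Rule: size > 100 bytes, source in the given network, destination port 80.
        if (ipaddress.ip_address(p["src"]) in SRC_NET
                and p["dport"] == 80 and p["size"] > 100):
            alerts.append((p["ts"], "large-http-from-172.16/12"))
        # Rule: payload contains the exact (case-sensitive) string "Hello".
        if b"Hello" in p.get("payload", b""):
            alerts.append((p["ts"], "hello-string"))
        # Rule: SYN flood. Count SYN-only packets per (dst, port) in a sliding
        # window and alert once per target to keep false alarms and log volume down.
        if p.get("flags") == "S":
            key = (p["dst"], p["dport"])
            q = syn_times[key]
            q.append(p["ts"])
            while q and p["ts"] - q[0] > SYN_WINDOW:
                q.popleft()
            if len(q) > SYN_LIMIT and key not in flooding:
                flooding.add(key)
                alerts.append((p["ts"], "syn-flood"))
    return alerts

def sample_packets():
    """Constructed traffic: three HTTP packets, then a burst of 8 SYNs."""
    pkts = [
        {"ts": 0.0, "src": "172.31.9.9", "dst": "10.0.0.5", "dport": 80,
         "size": 300, "flags": "PA", "payload": b"GET / HTTP/1.1"},  # inside /12
        {"ts": 0.1, "src": "172.32.0.1", "dst": "10.0.0.5", "dport": 80,
         "size": 300, "flags": "PA", "payload": b"GET / HTTP/1.1"},  # outside /12
        {"ts": 0.2, "src": "172.20.1.1", "dst": "10.0.0.5", "dport": 80,
         "size": 100, "flags": "PA", "payload": b"Hello"},  # exactly 100: not > 100
    ]
    pkts += [{"ts": 2.0 + i * 0.01, "src": f"198.51.100.{i + 1}", "dst": "10.0.0.5",
              "dport": 443, "size": 60, "flags": "S"} for i in range(8)]
    return pkts

if __name__ == "__main__":
    for ts, name in evaluate(sample_packets()):
        print(f"{ts:.2f} {name}")
```

The same conditions map onto the rule language of whichever IDS the lab uses; the per-target threshold is the knob that trades missed floods against false alarms.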