Network Intrusion Detection System

Abstract: Network Intrusion Detection is an important technology in business sector as well as in high security zones such as research. It is an effective weapon that provides information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take appropriate action. Computers that form networked distributed systems, may span multiple buildings sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system. The network is also a pathway for intrusion. This system is designed to detect some common attacks (i.e. SYN Flooding and IP spoofing in this case) on network systems. It follows the signature based IDs methodology for ascertaining attacks. A signature based IDS will monitor packets on the network and compare them against a signatures or attributes from known malicious threats. It has been implemented in Java with help of JPcap Library. In this system the attack log displays the list of attacks to the administrator for evasive action. This system works as an alert device in the event of attacks directed towards an entire network.

Keywords: NIDS, malicious, legitimate, attacks, signature, SYN flood, IP Spoofing.