IASP 550 Final Project

Project Description:

Create an intrusion detection system by:
  o Detecting an attack.
  o Creating the rules for monitoring intrusions.
  o Designing your approach to minimize false alarms while keeping the performance overhead "acceptable".

Identify some research issues related to the IDPS.

Some of the rules that you need to create are:
  o Detect each visit to www.google.com that is made by the machine.
  o Send an alert when an activity relating to network chat is detected.
  o Send an alert when an attempt is made for a DNS zone transfer.
  o Generate an alert when network traffic indicates that Viber is being used.
  o Alert for any packet of size > 100 bytes from the network with SNM designated to port 80.
  o Alert for any packet that contains the following string: "Hello".
  o Generate an alert when there is access to unauthorized sites. (You select the web sites!)

After the following attacks are performed in the Lab VM (SYN flood and MiTM attack), you should be able to react to those attacks by writing the following rules:
  o Generate an alert when a SYN flood happens, and record the logs.
  o Block the traffic.
  o Generate an alert which detects the MiTM attack.
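One way to express the detections listed above, added here as an illustrative example rather than part of the assignment: it assumes Snort 2.9 rule syntax with $HOME_NET and $EXTERNAL_NET defined in snort.conf, a placeholder unauthorized hostname and gateway IP/MAC pair, and Viber's published service ports (an assumption to confirm against lab captures).

```snort
# Added example rules, not part of the assignment text. Assumes Snort 2.9 syntax,
# $HOME_NET / $EXTERNAL_NET set in snort.conf, and local sids in the 1000000+ range.

# 1. Each visit to www.google.com: match the HTTP Host header, plus the DNS lookup
#    (the lookup also covers HTTPS visits, where the Host header is encrypted).
alert tcp $HOME_NET any -> $EXTERNAL_NET 80 (msg:"Visit to www.google.com (HTTP Host)"; flow:to_server,established; content:"Host|3a| www.google.com"; http_header; nocase; sid:1000001; rev:1;)
alert udp $HOME_NET any -> any 53 (msg:"DNS lookup of www.google.com"; content:"|03|www|06|google|03|com|00|"; nocase; sid:1000002; rev:1;)

# 2. Network chat: IRC registration command on the standard IRC port.
alert tcp $HOME_NET any -> any 6667 (msg:"IRC chat activity"; flow:to_server,established; content:"NICK "; sid:1000003; rev:1;)

# 3. DNS zone transfer: AXFR query (QTYPE 252 = 0x00FC, QCLASS IN) over TCP. offset:14
#    skips the 2-byte TCP length prefix and the 12-byte DNS header; the leading 00 is
#    the terminator of the queried name.
alert tcp any any -> $HOME_NET 53 (msg:"DNS zone transfer attempt (AXFR)"; flow:to_server,established; content:"|00 00 FC 00 01|"; offset:14; sid:1000004; rev:1;)

# 4. Viber: its documented service ports (assumption; confirm against lab captures).
alert tcp $HOME_NET any -> $EXTERNAL_NET [5242,4244] (msg:"Viber TCP traffic"; flow:to_server; sid:1000005; rev:1;)
alert udp $HOME_NET any -> $EXTERNAL_NET [5243,9785] (msg:"Viber UDP traffic"; sid:1000006; rev:1;)

# 5. Payload larger than 100 bytes headed for port 80 (dsize checks the payload
#    length, not the frame length).
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"Packet >100 bytes to port 80"; dsize:>100; sid:1000007; rev:1;)

# 6. Any packet carrying the string "Hello".
alert ip any any -> any any (msg:"Packet contains Hello"; content:"Hello"; sid:1000008; rev:1;)

# 7. Unauthorized site (placeholder hostname; substitute the sites you chose).
alert tcp $HOME_NET any -> $EXTERNAL_NET 80 (msg:"Access to unauthorized site"; flow:to_server,established; content:"Host|3a| blocked.example"; http_header; nocase; sid:1000009; rev:1;)

# 8. SYN flood: more than 100 bare SYNs to one host within 1 s. Tune the count to the
#    lab's normal baseline to limit false alarms; alerts are recorded by whatever
#    output plugin snort.conf configures (e.g. the alert file).
alert tcp any any -> $HOME_NET any (msg:"Possible SYN flood"; flags:S; flow:stateless; detection_filter:track by_dst, count 100, seconds 1; sid:1000010; rev:1;)

# 9. Blocking: the same match with the drop action, effective only when Snort runs
#    inline (-Q) rather than as a passive sniffer.
drop tcp any any -> $HOME_NET any (msg:"SYN flood dropped"; flags:S; flow:stateless; detection_filter:track by_dst, count 100, seconds 1; sid:1000011; rev:1;)

# 10. MiTM via ARP spoofing: these two lines belong in snort.conf, not a rules file.
#     The arpspoof preprocessor alerts on ARP replies whose IP/MAC pairing disagrees
#     with the pinned gateway entry (placeholder IP and MAC below).
preprocessor arpspoof
preprocessor arpspoof_detect_host: 192.168.56.1 08:00:27:aa:bb:cc
```

Validate the file with `snort -T -c snort.conf` before running it, since a syntax error in any rule stops Snort from loading the whole set.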

