Abstract

The Internet has emerged as the largest tool for modern IT-enabled businesses. Given the power of the Internet in the modern business world, the threats have also increased drastically. Attacks on Internet-enabled computerized systems are carried out using sophisticated mechanisms to either steal data or cause sabotage. The magnitude of such threats is much higher, and hence additional protection measures are mandatory, given that traditional firewalls cannot inspect the traffic that has been allowed to pass through the open ports. Advanced protection systems that can inspect the traffic passing through the open ports and inform the security administrator about doubtful traffic (suspected malicious traffic) are called Network Intrusion Detection Systems (NIDS). Systems that can detect and automatically block malicious traffic through open ports according to pre-defined rules are called Network Intrusion Prevention Systems (NIPS). Intrusion Detection & Prevention Systems can also be deployed at the host level to detect unauthorized identity theft and breaches and to monitor usage of networked IT resources such as files, folders, databases, applications or other business application assets (McHugh, John and Christie, Alan et al, 2000; Rehman, Rafeeq Ur, 2003; Ranum, Marcus J, 2003).

The focus of this dissertation is to present a detailed insight into collaborative implementation techniques for Network & Host Intrusion Detection and Prevention Systems and their planning and implementation on a running network. The author shall carry out research to work out a detailed mechanism for deploying a Network Intrusion Detection & Prevention System and a future roadmap for implementing Network Admission Control on a production computer network.