INTRUSION DETECTION SYSTEM
Hello!
I AM YUVARAJ SINGH MALAWAT

I am currently pursuing my B.E. degree, and I am not fairly good at giving presentations.

POINT OF PRESENTATION
NETWORK SECURITY

SO LET’S GET STARTED

True Cyber Security is preparing for what’s next, not what was last

CONTENTS

○ Network Intrusion Detection System
○ HoneyPot
○ Using HoneyPy as our Honeypot

BIG CONCEPT
What is an Intrusion Detection System?

Intrusion Detection System

○ An IDS detects malicious activity, such as denial of service, port scans or attempts to crack into computers, by monitoring traffic
○ It inspects incoming network traffic and studies the packets

BIG CONCEPT
What is a Honeypot?

Honeypot is ...

○ It is a security resource whose value lies in being attacked or compromised
○ It is a system that can be used as a surveillance and early-warning tool

A HONEYPOT in a network

○ In general, it consists of a computer or a network site that appears to be part of a network but which is actually isolated, unprotected and monitored.

TYPES OF HONEYPOTS

○ Deployment
  1. Production
  2. Research [ours is this]
○ Levels of Interaction
  1. Low Interaction [ours is based on this]
  2. High Interaction

Low interaction Honeypot

○ Emulated environment
○ Not vulnerable themselves
○ Limited interaction for an attacker
○ All the services that are provided are emulated too
○ The low-interaction honeypot we are using is HoneyPy

ABOUT HONEYPY
A low interaction Honeypot

HoneyPy

○ A low interaction honeypot
○ It is written in Python
○ It is easy to configure, deploy and extend
○ We can add new service emulations to it too, for both TCP and UDP
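
The low-interaction idea from the slides above (emulated services, limited interaction, nothing real to compromise), as an added example that is not HoneyPy's code and not part of the original presentation. It uses Python's standard asyncio instead of Twisted; the service table, banners, replies and the high-port offset are assumptions made for illustration.

```python
import asyncio
import json
import time

# Constructed service table (not HoneyPy's): name, banner, canned reply per port.
SERVICES = {
    23: ("telnet", b"login: ", b"\r\nLogin incorrect\r\nlogin: "),
    80: ("http", b"", b"HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n"),
}
MAX_BYTES = 1024     # limited interaction: read at most this much from a client
PORT_OFFSET = 10000  # assumption: listen on 10023/10080 so no root is needed

def emulate(port, src_ip, data, now=None):
    """Return (canned_reply, event). Client input is recorded, never interpreted."""
    name, _banner, reply = SERVICES[port]
    event = {"ts": time.time() if now is None else now, "service": name,
             "port": port, "src": src_ip, "bytes": len(data),
             "payload": data[:MAX_BYTES].decode("latin-1")}  # latin-1 maps any byte
    return reply, event

def make_handler(port, log):
    async def handler(reader, writer):
        src_ip = writer.get_extra_info("peername")[0]
        try:
            writer.write(SERVICES[port][1])  # send the emulated banner
            try:
                data = await asyncio.wait_for(reader.read(MAX_BYTES), timeout=10)
            except asyncio.TimeoutError:
                data = b""  # a connect-only probe still produces an event
            reply, event = emulate(port, src_ip, data)
            log.append(event)
            print(json.dumps(event))  # one JSON line per contact, ready for indexing
            writer.write(reply)
            await writer.drain()
        except ConnectionError:
            pass  # peer reset the connection; the event is already logged
        finally:
            writer.close()
    return handler

async def serve(host="127.0.0.1"):
    log = []
    servers = [await asyncio.start_server(make_handler(p, log), host, PORT_OFFSET + p)
               for p in SERVICES]
    await asyncio.gather(*(s.serve_forever() for s in servers))

if __name__ == "__main__":
    asyncio.run(serve())
```

Every reply is a fixed byte string, so nothing the client sends reaches a shell, a parser or a real service; the only output is the event record.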

Why are we doing this

611,141
Whoa! This is the number of attacks that were blocked on a daily basis in 2017.
These are the attacks that came onto the radar; you can understand from this how many must have been left unhandled.

Various libraries/dependencies used in HoneyPy

○ Twisted: It is an event-driven networking engine written in Python. It supports numerous protocols.
○ PyQt: PyQt is a GUI widgets toolkit. It is a blend of the Python programming language and the Qt library, a cross-platform GUI library.
○ Reactor: The reactor is the core of the event loop within Twisted. The event loop is a programming construct that waits for and dispatches events or messages in a program.

Live Screen Captures

Snap 1: Running MySQL service in Kali Linux.
Snap 2: Running the main program, program.py.
Snap 3: The GUI opens; click on Start to start the event.
Snap 4: Detection of activities on various ports: 80, 23, 24.

Future prospects

Future work that can be done

○ Analyzing and visualizing the honeypot data using Elasticsearch and Kibana
○ Elasticsearch and Kibana are powerful data analysis tools that can be used to make fruitful use of the data that is being stored in the database

THANKS!
Any questions?
