The week's pick
Random Articles
Reseach Article
Intrusion Detection on Campus Network, the Open source approach: Accra Technical University Case Study
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 164 - Number 6 |
| Year of Publication: 2017 |
| Authors: Victor Gbedawo, Komi Agbesi, Theophilus Adukpo |
10.5120/ijca2017913664
|
Victor Gbedawo, Komi Agbesi, Theophilus Adukpo . Intrusion Detection on Campus Network, the Open source approach: Accra Technical University Case Study. International Journal of Computer Applications. 164, 6 ( Apr 2017), 20-27. DOI=10.5120/ijca2017913664
Abstract
The computer network security landscape in recent times has become a crucial area in computer networking for both network administrators and network users such that, a compromise of this network security makes the services it provides and more importantly the data it holds, highly susceptible to exploits by malicious people for different purposes and reasons. This is particularly so for campus networks in view of the fact that, they do not only provide services to promote academic work directly but in many ways are integrated into the administrative setup of the institutions they serve. This research therefore seeks to investigate the security threats and vulnerabilities of campus networks and systems to a great extent, so as to propose interventions to resolving these threats, vulnerabilities and exploits, so as to improve the security of these networks by conducting a penetration test that simulates Intrusion Detection employing free and open source software (FOSS) tools. The research adopted “Cloppert’s kill chain” Approach to Penetration Testing. The elements of the simulation included the following FOSS tools VMware Fusion (Operating System simulator), Zentyal Server (unified network server), Snort (Intrusion Detection System), Suricata (Intrusion Prevention System), Nmap (Network scanning), OpenVAS (Vulnerability Assessment Software) and Metasploit Framework (Exploitation tool). Results of the simulation revealed injection flaws to be the prevalent security vulnerability that was exploited and hence, discussed to improve computer network and application security in a rather cost effective fashion.
References
- Bragg, R., Phodes-Ousley, M., & Strassberg, K. (2004). Network Security: The complete Reference. McGraw-Hill/ Osborne (Vol. 53). http://doi.org/10.1017/CBO9781107415324.004
- White, J. S., Fitzsimmons, T., & Matthews, J. N. (2013). Quantitative analysis of intrusion detection systems: Snort and Suricata. Proceedings of SPIE, 8757, 875704. http://doi.org/10.1117/12.2015616
- Pathan, A. (2014). The State of the Art in Intrusion Prevention and Detection, 472. Retrieved from http://books.google.com/books?hl=en&lr=&id=o39cAgAAQBAJ&oi=fnd&pg=PP1&dq=The+State+of+the+Art+in+Intrusion+Prevention+and+Detection&ots=yD8AGesoz9&sig=rdvWXKWoK5f0UHio9n4QSJe0NB8
- Zentyal Documentation. 3rd June 2016. https://wiki.zentyal.org/wiki/Zentyal_Wiki
- Liebowitz, M., Kusek, C., & Spies, R. (2014). VMware vSphere Performance.
- Kennedy, D., O’Gorman, J., Kearns, D., & Aharoni, M. (2013). Metasploit the Penetration Tester’s Guide. Computers & Security (Vol. 32). http://doi.org/10.1016/j.cose.2012.09.009
- Beggs, R. W., Cutler, T. P., Heriyadi, D., Singh, T., Amit, K., Karpe, P., … Jones, J. (2014). Mastering Kali Linux for Advanced Penetration Testing Mastering Kali Linux for Advanced Penetration Testing Cover image. Retrieved from www.packtpub.com
- OWASP top 10-2013. 16 September 2016. https://www.owasp.org/images/f/f8/OWASP_Top_10_-_2013.pdf
Index Terms
Keywords