While the increased inter-connectivity of the computer networks has brought a lot of benefits to the people, it also rendered networked systems vulnerable to malicious attacks from the hackers. The failure of the intrusion prevention techniques to adequately secure computer systems has lead to the growth of Intrusion Detection System.
In this study, we have designed and implemented a distributed, network-based intrusion detection system – Sachet. The Sachet word is a hindi word which means – Alert.The system uses an existing open source network based misuse detection system – snort. We have built upon snort to develop a heterogeneous, scalable, distributed IDS that is completely controllable from a central location.
Sachet comprises of multiple agents that use snort for misuse detection, a central server that stores all alerts and controls the agents, and a console for monitoring and viewing the activities of entire Sachet system by the system administrator. The agents and server communicates using a Sachet protocol that ensures reliability, mutual authentication, confidentiality, integrity and provides tolerance from agent and server crashes.
Other Intrusion Detection System based Projects: