
Remote IP Addresses Based Intrusion Detection


Executive Summary

Once an intrusion has been detected, recovering from the damage to the system takes a lot of time and effort. This paper proposes a method in which a self-monitoring intrusion system, rather than the system administrators, prevents intrusions on a Linux system. The method monitors every newly scheduled process and checks the possibility of intrusion using the IP information of processes. It might be implemented in the kernel and in a user-space process. The proposed method is implemented and tested on Linux. To test the proposed method, well-known exploit codes are used to monitor root-privileged processes. Although the proposed method is implemented on a Linux system, it is applicable to other operating systems to increase the level of system security.

  • Format: PDF
  • Size: 259.1 KB