PRESENTED BY BUSHRAMUNIRIMPROVING INTRUSION DETECTSYSTEM BY HONEYPOT
Why Network SecuritySystem Automation, New technologies Blackhats Worms, Trojan, Dos attacks
Intrusion Detection SystemMonitors network traffic and suspicious activityAlerts the system or network administrator.Respond to anomalous or malicious traffic by takingaction such as blocking the user or source IPaddress from accessing the network.Tracking user policy violation.
IDS Categories Signature based detection system Anomaly based detection system Specification based detection system
Disadvantages Known threats False alarm ratio Logging and analyzing huge amount of data Processing Loads
New Threats and Attacks Phishing Botnets Trojan and worms Impersonation
HoneypotA New paradigm of SecurityA honeypot is an information system resource whosevalue lies in unauthorized and illicit use of thatresource
Classification based onImplementationServer Side HoneypotClient Side HoneypotsClassification based on InteractionLow Interactive HoneypotsHigh Interactive Honeypots
Value of Honeypot Hybrid Honeypots Analysis of attacks Reduction in False Alarm Ratio
Reduction in False AlarmRatio of IDS using HoneypotProposed model
CONCLUSIONHoneypot is a new paradigm to secure andprovides valuable researches to prevent threats.