Looking for someone to create a simple IDS prototype which can detect various types of activities
Looking for someone to create a simple Sensor-based IDS prototype which can detect various types of activities which go against the security policy, and to generate useful alerts which could be used to create preventative security measures to mitigate future intrusions. The main system to be protected is a Web server segment, which also runs a Telnet and FTP servers. Overall the main activities to detect and report on include:
-Reconnaissance of systems on the segment, including host scans and port scans.
-Detection of typical attacks against the Web server, including a possible Denial-of Service (DoS) attack.
-Detection of remote user administration access to the servers, over the network.
The aim is for you to create a prototype of a system which outlines how the system could possibly work, and to produce technical analysis, design, testing and details of the prototype solution.