Website Attack Prevention Using E-Shield as a IDPS Tool

This paper holds the essence of preventing a system from attacks using honeypot integrated IDS in detail. Security breaches have soared high at an accelerating rate with the growing technological changes. Only detection cannot help solve the problem that the websites face. Eliminating the attacks is very paramount. The paper talks about how E-Shield (a system created to identify, intercept and eject the attacks) occuring on a website works. A system does not know whether the user is a good user or a bad user. A bad user, that is an attacker could harm the system, its resources, and misuse it in multiple ways. While there exist a variety of attacks, the paper focuses only on the 5 frequent attacks, besides listing all the major attributes of the user such as the source of attack, the status of the system’s security. Starting with the basic signup and logging in feature, to storing the credentials along with solving the intricacies related to it, to the ultimate step of preventing and avoiding the hazardous threat of data loss, all the system’s needs are catered to. The paper also discusses how the system tracks the user’s activities over a specified period of time and analyses and records them. Henceforth, leading to the betterment of cyber security, creating a pathway for online investments.

[1]  A. B. Robert Petrunic,et al.  Honeytokens as active defense , 2015, 2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO).

[2]  Puja Padiya,et al.  Survey of different IDS using honeytoken based techniques to mitigate cyber threats , 2016, 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT).

[3]  Mayank Agarwal,et al.  DoS attacks prevention using IDS and data mining , 2016, 2016 International Conference on Accessibility to Digital World (ICADW).

[4]  Liu Dongxia,et al.  An Intrusion Detection System Based on Honeypot Technology , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[5]  A. Pomsathit Effective of Unicast and Multicast IP Address Attack over Intrusion Detection System with Honeypot , 2012, 2012 Spring Congress on Engineering and Technology.

[6]  Prathamesh Churi,et al.  Honey-patterns: Recognizing Pattern based Attacks on Websites , 2017 .

[7]  Melody Moh,et al.  Detecting Web Attacks Using Multi-stage Log Analysis , 2016, 2016 IEEE 6th International Conference on Advanced Computing (IACC).

[8]  Jun Wang,et al.  Construction of large-scale honeynet Based on Honeyd , 2011 .

[9]  Prathamesh Churi,et al.  E-shield: Detection and prevention of website attacks , 2017, 2017 2nd IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT).

[10]  Nen-Fu Huang,et al.  An OpenFlow-based collaborative intrusion prevention system for cloud networking , 2015, 2015 IEEE International Conference on Communication Software and Networks (ICCSN).

[11]  Arun Mishra,et al.  Prevention of information leakages in a web browser by monitoring system calls , 2014, 2014 IEEE International Advance Computing Conference (IACC).

[12]  Yong Tang,et al.  HonIDS: enhancing honeypot system with intrusion detection models , 2006, Fourth IEEE International Workshop on Information Assurance (IWIA'06).

[13]  C. Balakrishnan,et al.  Prevention Strategies and Network Intrusion Prevention Techniques for Dos Attacks , 2013 .

[14]  Aloysius K. Mok,et al.  Collaborative Intrusion Prevention , 2007, 16th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2007).

[15]  Yun Yang,et al.  Design and implementation of distributed intrusion detection system based on honeypot , 2010, 2010 2nd International Conference on Computer Engineering and Technology.

[16]  Naresh Kumar,et al.  Comparative Study of Intrusion Detection Systems in Cloud Computing , 2013 .

[17]  Jizhou Sun,et al.  Honeypot and scan detection in intrusion detection system , 2004, Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No.04CH37513).

[18]  Mohammad Alshraideh,et al.  Detecting and Preventing SQL Injection Attacks: A Formal Approach , 2016, 2016 Cybersecurity and Cyberforensics Conference (CCC).

[19]  Guanlin Chen,et al.  Research of wireless intrusion prevention systems based on plan recognition and honeypot , 2009, 2009 International Conference on Wireless Communications & Signal Processing.

[20]  Xue Han,et al.  Research on the application of honeypot technology in intrusion detection system , 2014, 2014 IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA).

[21]  Tomomi Aoyama,et al.  ICS Honeypot System (CamouflageNet) Based on Attacker's Human Factors☆ , 2015 .

[22]  Suhardi,et al.  Anomaly-based intrusion detection and prevention system on website usage using rule-growth sequential pattern analysis: Case study: Statistics of Indonesia (BPS) website , 2014, 2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA).

[23]  Shashikala Tapaswi,et al.  The Performance Analysis of Honeypot Based Intrusion Detection System for Wireless Network , 2017, Int. J. Wirel. Inf. Networks.