CSE 423 (MMRN-231): IPS, Honeypot

IPS, Honeypot

Intrusion Prevention System (IPS):

An Intrusion Prevention System (IPS) is a security technology that goes beyond intrusion detection and actively takes preventive measures to block or mitigate potential network attacks or intrusions. IPS combines the capabilities of an Intrusion Detection System (IDS) with the ability to automatically respond to detected threats. Here are the key aspects and functions of an IPS:

Real-time Threat Prevention: IPS analyzes network traffic in real-time, just like an IDS, to detect known attack signatures or suspicious behavior. However, unlike IDS, an IPS actively responds to detected threats by blocking malicious traffic, dropping packets, or reconfiguring network devices to prevent the attack from reaching its target.
Signature-Based Detection: IPS uses signature-based detection similar to IDS, where it compares network traffic against a database of known attack signatures. If a match is found, the IPS can take immediate action to block or mitigate the threat.
Anomaly-Based Detection: Similar to IDS, IPS can also employ anomaly-based detection techniques to identify deviations from normal network behavior. By establishing a baseline of normal activity, the IPS can detect abnormal patterns that may indicate an ongoing attack or compromise.

Honeypot:

A honeypot is a security mechanism that aims to deceive potential attackers or intruders by simulating attractive targets or resources on a network. The primary purpose of a honeypot is to lure attackers into a controlled environment, gather information about their tactics and intentions, and study their behavior without exposing the actual production systems. Here are the key aspects and functions of a honeypot:

Decoy System: A honeypot appears to be a legitimate system or network service, enticing attackers to interact with it. It mimics real systems, applications, or services to make it appear valuable or vulnerable to potential attackers.
Monitoring and Analysis: Honeypots are designed to capture and record all activity and interactions that occur within their environment. This includes logging network connections, commands executed, files accessed, and other actions taken by the attackers. The information gathered helps security professionals understand attack techniques, identify new threats, and develop effective countermeasures.

Announcements

Students Interest Survey!!!

Course Outline

Text Book

PO's for Outcome Based Education(OBE)

Open Discussion

Open Discussion (Week-2)

Open Discussion (Week-3)

Open Discussion (Week-4)

Open Discussion

Open Discussion (Week 8)

Open Discussion (Week 9)

Open Discussion (CT and Week 11)

Antivirus

Firewall

IDS

IPS, Honeypot

Information Security

Quiz-03

Information Security (Spring 2023)

IPS, Honeypot

IPS, Honeypot

IPS, Honeypot

General

Announcements

Welcome to Information Security Course

Students Interest Survey!!!

Course Outline

Text Book

PO's for Outcome Based Education(OBE)

Week - 1: Information Security and It’s Elements

Open Discussion

Week - 2: Ethical Hacking and Concept

Open Discussion (Week-2)

Week - 3: Security Risk Management

Open Discussion (Week-3)

Week - 4: Security Risk Management(Contd.)

Open Discussion (Week-4)

Week - 6: Review of Previous Weeks

Open Discussion

Week - 7: Online CT & Assignment

Week - 8 & 9 : Incident Management and AI and ML in Information Security

Open Discussion (Week 8)

Open Discussion (Week 9)

Week - 10: Malware Detection and Analysis

Open Discussion (CT and Week 11)

Week - 11: Antivirus & Firewall

Antivirus

Firewall

Personal Device Security-IDS_IPS_HoneyPot

IDS

IPS, Honeypot

Assignment

Information Security

Last Quiz

Quiz-03

IPS, Honeypot

IPS, Honeypot