Περίληψη:
This master thesis is about the technology of Intrusion Detection Systems. Nowadays more than ever the digital world of the internet is a hostile environment. The need for protection has been dramatically increased . Many intrusion-detection systems exist. To identify intrusions the misuse detection methods utilize patterns of well-known attacks or weak spots of the system. Attack scenarios are be translated into the sequences of audit events they generate or into patterns of data that can be sought in the audit trail generated by the system. This technique allows a very efficient implementation. The purpose of this thesis is to overview, examine and test intrusion detection systems . Their ability to detect intrusions will be tested in a home network with two personal computers and a few virtual machines .Tests will take place in windows and linux environments . We will attack the network with network scanning tools like nmap or simulate attacks generating network traffic in order to see how the IDS reacts. The results from these tests will be discussed and analyzed to provide a general view of IDS technology. Also we are going to examine some output-plugins applications which provide a visual representation of the IDS’s results.