Real-Time Adaptive Intrusion Detection to Secure File Transfer Session

Posted on: 2018-09-06
Degree: Ph.D
Type: Dissertation
University: The Catholic University of America
Candidate: Al-Ayed, Fadi
Full Text: PDF
GTID: 1448390002999486
Subject: Computer Science
Abstract/Summary:
Real-Time Adaptive Intrusion Detection to Secure File Transfer Sessions. Fadi Al-Ayed, Ph.D. Director: Hang Liu, Ph.D.

Many government authorities and industries continue to exchange data remotely using the traditional on-premise approach of File Transfer Protocol (FTP). The core benefit of FTP is that data is transferred directly from the server to the clients and vice versa, but such transfers are prone to intrusions. There are several types of attacks, such as Denial of Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R). Attacks that occur in R2L, for instance, are known as password guessing and port scanning attacks. Therefore, when sensitive data is exchanged between the clients and the server through FTP, it is crucial to consider integrity, confidentiality, and security approaches for corporate systems. An Intrusion Detection System (IDS), however, is a significant system that monitors all activities of individuals: it inspects inbound and outbound network traffic and compares it with pre-defined well-known attacks through users' logs in a large workplace environment.

This dissertation takes two approaches to securing file transfer sessions in FTP: an Intrusion Prevention System (IPS) and an Intrusion Detection System (IDS). The first part of this study implements a Kerberos approach to validate the appropriate clients and to eliminate a large number of unauthorized users or intruders. Kerberos can be described as a network cryptographic mechanism that provides strong communication between the clients and the server. The second part of this study performs anomalous activity detection using the Markov fingerprinting scheme, which builds a Markov chain model of normal Kerberos session messages and applies a machine learning technique to detect deviation from the model of normal traffic. The proposed scheme can be extended to support other applications on a Kerberos network. The results of the experiments show that implementing Markov fingerprinting with Kerberos can improve security in terms of prevention and detection of malicious behaviors.

Although a number of studies have proposed methods to prevent attacks along with Secure Sockets Layer (SSL), this dissertation proposes a distinctive hybrid solution, "real-time adaptive intrusion detection to secure file transfer sessions", to help organizations have better network security controls so that administrators can take action early to avoid serious consequences.
Keywords/Search Tags:Secure file transfer, Adaptive intrusion detection, Network, FTP