Transparent Active Network Attack Detection, and Identification of an infiltrator is performed by an Intrusion Detection System (IDS). The Intrusion detection system applied in this thesis consists of an Optical Data Systems (ODS) SecureDetector running Internet Security Systems' (ISS) RealSecure software. The transparent isolation of an attacker from the system under attack (SUA) is achieved by placing a gateway between the two. The gateway provides the means by which packets, from an attacker, are covertly diverted from the SUA to a "Honey Pot", which is a machine whose purpose is to lure attackers into revealing information about themselves. The performance of this system is determined by the transparency of the defensive measures incorporated within it. This project utilizes the facilities of the Cooper Union Electrical Engineering Department's Active Network Defense (AND) Laboratory, which contains all of the aforementioned hardware and software. |