Anonymous Peer-to-Peer File Sharing System    [Report]
The Internet has become a pivotal system for information dissemination and content sharing across the globe. While the Internet Protocol suite (TCP/IP) takes into account numerous performance issues, data transfer on the Internet inherently provides no privacy. All packets used for TCP data transfer can be easily traced back to the host specified in the IP source address field. Responder anonymity is also as crucial as the initiator anonymity, as responder anonymity would allow privacy for network interactions such as anonymous web servers, anonymous e-mail, and private peer-to-peer file sharing. In this project, we have tried to implement an Anonymous Peer-to-Peer File sharing system based on the Initiator as well as the Responder anonymity. The member peers are organized into a group that forward message for each other, trading bandwidth for anonymity. The general method of the protocol is that an initiator creates a path through the group, and the last member of the path, called the tail node, contacts the responder. The tail node then forwards the request to the responder and returns the reply back to the initiator. This method provides anonymity, because at each step on the path it is not possible to tell if the previous hop initiated the message or was forwarding it for some other member. Our implementation is based on the concept of a centralized Coordinator that is used for initialization of the peers. After initialization, the peers can anonymously talk to each other.

Hybrid Profiling Strategy for Intrusion Detection    [Paper]   [Presentation]
With the rapid expansion of computer networks during the past few years, security has become a critical issue for modern computer systems. A long standing problem in the field of computer security is that of intrusion detection. There are two major types of Intrusion Detection Systems (IDS) available – Signature-based and Anomaly-based. The proposed study is mainly concerned with Anomaly-based IDS, with prime focus on Self Learning IDS. While much work has been done on intrusion detection in the context of the anomaly detection, the exploration of what defines “normal” has been limited. Methods of intrusion detection based on hand-coded rule sets or predicting commands on-line are laborious to build or not very reliable. The goal of this study is to explore the various machine learning techniques that can be employed to generalize from past observed behavior to the problem of intrusion detection, in order to prevent future attacks. With this in mind, this paper takes the opportunity to review the existing IDS and explore the data available for modeling a normal behavior. This paper proposes a hybrid profiling strategy to model the normal behavior that tries to assimilate the positives of both user profiles and program profiles and is quite useful in user interface based applications. Various learning algorithms have been discussed in view to this hybrid modeling approach.

APHIDS: Agent-based Programmable Hybrid Intrusion Detection System    [Presentation]
Intrusion detection systems are quickly becoming a standard requirement in building a network security infrastructure. Although many established techniques and commercial products exist, their effectiveness leaves room for improvement. The purpose of this programming project was to develop a mobile agent based intrusion detection system. We developed a prototype for an intrusion detection system architecture which takes advantage of the mobile agent paradigm to implement a system capable of efficient and flexible distribution of analysis and monitoring tasks, as well as integration of existing detection techniques.

Intrusion Detection and Analysis    [Paper]
The constant increase of attacks against networks and their resources causes a necessity to protect these valuable assets. With the rapid growth of internet technology, security has become a critical issue in modern computer systems. A long standing problem in the field of computer security is that of intrusion detection. This study tries to explore the various directions in intrusion detection research. It is mainly concerned with the various approaches for the design of an Intrusion Detection System. Also, the study briefly covers the area of intrusion analysis that can determine how and why a compromise took place and thus can prevent future attacks. The basic limitation of any IDS is that there is no way to read an intruder’s mind beforehand and this is what makes the problem more interesting and challenging. The current research is being focused on a paradigm shift in the underlying principles of the intrusion detection systems, making them more robust and secure in themselves. With this in mind, this paper can be used an introduction to the area of intrusion detection and analysis. It is hoped that examination of existing approaches will facilitate future study aimed at the development of novel solution architecture for this problem.