Network intrusion monitoring and reporting using e-mail and SMS
Abstract
The fundamental problem facing security administrators today is coping with the
rising number of network intrusions. Network security is fast becoming an absolute necessity to
protect the information contained on computer systems worldwide. With 40 per cent of the
global economy driven by e-business, attacks on networks are becoming more frequent, more
varied, and more costly.
The need for increased protection of information assets in storage, in transit, and during access
has driven companies to look to vendors to provide products that ensure that their privacy is
protected. Ever-changing network use and operation, along with public concern for the
protection of sensitive information, make implementing an effective security plan a must. Such
a plan includes many different pieces of software and hardware working together to provide the desired
protection.
Network Intrusion Monitoring and Reporting Using Electronic mail and Short Message Service
(NIMRUES) is an intrusion detection and monitoring system that captures intrusion
occurrences in Windows operating system security event log files. Once an intrusion is detected,
the message is captured and converted from the Windows proprietary binary format to plain text,
which is sent to alert the security administrator through e-mail and SMS. Upon receiving
this alert message, the administrator will take the necessary action(s) before serious negative impact
is caused.
The developed NIMRUES prototype is based on the XAMPP server, which provides an integrated
set of servers: the Mercury 32 mail server for sending e-mails and the Apache web server for
web hosting. The web address http://localhost/nimrues.net provides an interface for
accessing, through a web browser, the error information stored in the MySQL database server.
Retrieval of error messages from the back end (database) is handled by PHP scripts,
which the XAMPP server is able to parse. Java in Eclipse has been used to integrate SMSLib tools that
send error messages to the security administrator's phone before they are written to the database.
Publisher
School of Computing and Informatics
Subject
Network intrusion
Description
MSc