2015
SEPTEMBER 2015
DECLARATION
I declare that this report is my original work and all references have been
cited adequately as required by the University.
Date: 31/12/2015
Signature : .................
Full Name : Muhammad Fikri bin A. Hamid
ID Number: 52261212332
APPROVAL PAGE
We have supervised and examined this report and verify that it meets the
program and University's requirements for the Bachelor of Information
Technology (Hons) in Computer System Security.
Date: 31/12/2015
Signature:.
Supervisor: HERNY RAMADHANI
Official Stamp:
Date: 31/12/2015
Signature:.
Assessor: HAN LOCK SIEW
Official Stamp:
ACKNOWLEDGEMENT
In the name of Allah, The Most Gracious, The Most Merciful, and Him
alone are worthy of all praise.
It is not possible for me to acknowledge individually the debt that I owe to
those who had made their contribution in preparing and writing this research
project proposal. I would like to thank many people who helped me.
Special thanks go to my supervisor, Madam Herny Ramadhani bt
Mohd Husny Hamid, Sir Han Lock Siew and Madam Yuhanis for their
wonderful support, guidance and cooperation that had been given to me
through the compilation of this project. I would also express my gratitude
to Madam Hazimah who had been guiding the writing of this report from
the beginning.
I would like to thank my family and my friends for their deepest
concern and investment during the course of this project. All of you are my
strength and thank you for everything.
LIST OF TABLES
Table 5.2: Display Cross-Site Scripting test
Table 5.2: Webmin display test
LIST OF FIGURES
Figure 1.1: Current IPS
Figure 2.1: Type of Attacks by layer
Figure 2.2: Anatomy of Web Attack Process
Figure 2.3: SQL Injection Process
Figure 2.4: IPS Architecture
Figure 2.5: Example of Signature based
Figure 2.6: Example of Rule Base
Figure 2.7: Firewall Process
Figure 2.8: Airsnare Intrusion Detection System
Figure 2.9: Airsnare Intrusion Detection System
Figure 2.10: Airsnare Intrusion Detection System
Figure 3.1: Rapid Application Development (RAD)
Figure 3.2: Penetration Testing using Burp suite
Figure 3.3: School's website
Figure 3.4: System Diagram on How the System Works
Figure 3.5: Flow chart
Figure 3.7: Proposed project sketches
Figure 3.8: Proposed project sketches
Figure 4.1: School's website
Figure 4.2: Virtual Private Server
Figure 4.3: Web Application Firewall (WAF)
Figure 4.4: Flow chart
Figure 4.5: Command Installation Voyage Debian Process
Figure 4.6: Command ModSecurity/Apache 2
Figure 4.7: Create and Modified Base Rules
Figure 4.8: Reverse Proxy Architecture on IPS
Figure 4.9: Webmin
Figure 5.1: Result of IPS
Figure 5.2: Graph: Usefulness result
ABSTRACT
TABLE OF CONTENT
DECLARATION
APPROVAL PAGE
ACKNOWLEDGEMENT
LIST OF TABLES
LIST OF FIGURES
ABSTRACT
CHAPTER 1: INTRODUCTION
1.1 Introduction
1.2 Project Background
1.3 Problem statement
1.3.1 Application layer attacks are increase
1.3.2 Current IPS not very efficiency
1.4 Problem Solving
1.4.1 Produce IPS and used reverse proxy methods
1.4.2 Create updated rules and new signature of attacks
1.5 Objectives
1.6 Project Scope
1.6.1 Target User
1.6.2 Key Functions of Intrusion Prevention System Technologies
1.7 Project Significant
1.8 Conclusion
Introduction of Literature Review
2.2 Web attack
2.2.1 Anatomy of web attack
2.2.2 Type of web attack
2.2.2.1 SQL injection
2.2.2.2 Cross-site scripting
2.3 Method to protect from Web Attack
2.3.1 Firewall
2.3.2 Anti-virus
2.3.3 Intrusion Prevention System
2.4 Information of Intrusion Prevention System
2.4.1 Technique that be used on IPS
2.4.2 IPS Methods to Detect and Prevent Attacks
2.4.3 Advantages using IPS
2.5 Type of Current IPS
2.5.1 Airsnare
Comparison of Different Intrusion Prevention System
2.8 Conclusion
CHAPTER 3: METHODOLOGY
3.1 Introduction
3.2 Rapid Application Development
3.2.1 Phase 1: Analysis Design and Quick Design
3.2.2 Phase 2: Development (Build, Demonstrate and Refine)
3.2.3 Phase 3: Testing
3.2.4 Phase 4: Implementation and release
3.3 System Architecture
3.4 Flow chart
3.5 Proposed project sketches
3.6 Budget / Cost Estimation
3.6.1 Hardware Requirement
3.6.2 Software Requirement
3.7 Conclusion
Example of SQL Operator rules
4.6.3.2 Example of SQL Tautologies rules
4.6.3.3 Example of Blind SQL Injection rules
4.6.3.4 Example of XSS: Detect Event Handler Name rules
4.6.3.5 Example of XSS Filters rules
4.6.3.6 Example of XSS: Detect Usage of Common URL Attributes
4.6.4 Reverse Proxy use on SMB IPS
4.6.5 Make Webmin
4.7 Conclusion
Introduction
6.2 Objective Achievement
Future Enhancement (Recommendations)
6.5 Conclusion
REFERENCES
APPENDIX A: Questionnaire
APPENDIX B: Gantt Chart