Page 135 - Cyber Defense eMagazine for July 2020
Fig 4: Screengrab of Honeypot in Action
Intrusion Detection System
Intrusion detection is a particularly important mechanism to implement, since detecting an anomaly
or intrusion is the fundamental step in protecting a system. It is based on round-the-clock
detection and scanning. The IDS is created as a virtual network using Mininet networks, which
serve as honeypot hosts that continually monitor the traffic flowing in and out of the network for anomalies.
If an anomaly or outlier is detected, an email notifying the user of it is sent, and fake SYN packets
are sent so that the attackers connect to a virtualized and isolated Mininet network. This mechanism is still
under rudimentary development and testing, owing to the length and breadth of operations and functions
it aims to deliver.
Parser Differential
This mechanism is implemented in order to cripple the various ELF executable decompilers out there.
The given C program is run through an algorithm that makes it unreadable to tools
such as radare2 or even gdb. This mechanism is highly influenced by LiveOverflow’s Reversing series.
As a result, cracking programs to find license keys gets much harder. This parser differential module allows
the user to upload C programs that they want to scramble and hence protect against cracking. The underlying
algorithm is quite simple but extremely effective. Only one random byte within the code is scrambled, so
that the whole code becomes unreadable to decompilers but not to the Linux terminal. Hence the code
can be executed but not decompiled.
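An added example, not code from the article or the project it describes: a Python check an analyst could run on a binary that their tools refuse to load, testing whether the ELF header fields agree with one another and with the file size. The function names and the constructed sample header are assumptions; the article does not say which byte its algorithm changes.

```python
import struct

# EI_CLASS -> (fields after e_ident, header size, phdr size, shdr size)
_LAYOUT = {1: ("HHIIIIIHHHHHH", 52, 32, 40), 2: ("HHIQQQIHHHHHH", 64, 56, 64)}

def elf_header_anomalies(data: bytes) -> list[str]:
    """List ELF header fields that contradict each other or the file size."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        return ["bad magic or truncated header"]
    ei_class, ei_data, ei_version = data[4], data[5], data[6]
    out = []
    if ei_version != 1:
        out.append(f"EI_VERSION={ei_version}, expected 1")
    if ei_class not in _LAYOUT or ei_data not in (1, 2):
        return out + [f"EI_CLASS={ei_class} / EI_DATA={ei_data} is undefined"]
    fmt, ehsize, phsize, shsize = _LAYOUT[ei_class]
    if len(data) < ehsize:
        return out + ["file shorter than the header its class implies"]
    order = "<" if ei_data == 1 else ">"
    (_, _, e_version, _, e_phoff, e_shoff, _, e_ehsize, e_phentsize,
     e_phnum, e_shentsize, e_shnum, e_shstrndx) = struct.unpack_from(order + fmt, data, 16)
    if e_version != 1:
        out.append(f"e_version={e_version}, expected 1")
    # A wrong class or byte-order byte shifts every later field, so the
    # header's own size field stops matching the class it claims.
    if e_ehsize != ehsize:
        out.append(f"e_ehsize={e_ehsize}, expected {ehsize} for this class")
    if e_phnum and e_phentsize != phsize:
        out.append(f"e_phentsize={e_phentsize}, expected {phsize}")
    if e_phoff + e_phnum * e_phentsize > len(data):
        out.append("program header table runs past end of file")
    if e_shnum:  # section headers are optional; check them only if claimed
        if e_shentsize != shsize:
            out.append(f"e_shentsize={e_shentsize}, expected {shsize}")
        if e_shoff + e_shnum * e_shentsize > len(data):
            out.append("section header table runs past end of file")
        if e_shstrndx >= e_shnum:
            out.append("e_shstrndx points outside the section table")
    return out

def sample_elf64() -> bytes:
    """Constructed sample: ELF64 little-endian header plus one empty phdr."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    hdr = struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0x401000, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    return ident + hdr + bytes(56)

def with_byte(data: bytes, offset: int, value: int) -> bytes:
    """Copy of data with a single byte replaced (constructed tampering)."""
    return data[:offset] + bytes([value]) + data[offset + 1:]
```

A non-empty result on a file that still executes is a hint that the header was altered after linking; the findings name the field to restore before loading the file into a disassembler.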
Facial Recognition
Facial Recognition is a Biometric Artificial Intelligence based algorithm that can uniquely identify a person
by analyzing patterns based on the person's facial textures and shape. Facial Recognition has been