Intrusion Detection System

The primary objective of this project is to build a Suricata IDS to protect the Cyber Range.

Project Description

The primary objective of this project is to build a Suricata IDS to protect the Cyber Range. The completed backend stack will support IDS functionality and provide a comprehensive reporting dashboard that alerts administrators to malicious activity and policy violations. Administrators will also have access to updated rules and policies within the IDS. Kibana, part of the ELK Stack, will serve as the data visualization component for the dashboard. The IDS's success will be measured by its ability to thwart bad actors and safeguard the Cyber Range, playing a key role in securing Western Washington University's network.

While firewalls prevent cyberattacks, an IDS detects suspicious network activity. Despite its comprehensive capabilities, the IDS has limitations that could pose risks. As a monitoring tool, it detects attacks rather than preventing them, so the Cyber Range must maintain a reactive incident response plan. Additionally, the IDS cannot detect fake (spoofed) or encrypted IP packets, leaving the network vulnerable to intruders who exploit this weakness.

Student Contributors

2021

  • Niall O'Rourke
  • William Pearson
  • Rowena Tchao
  • Matthew Jackson








