Abstract

With the emerging of highly advance technology, risks in systems are also increases which even cannot be prevented by many security measures. Attacks in different form are being used to exploit the system through network. Intrusion Detection System (IDS) is used to detect the intrusion from such attack. IDS have certain limitation to detect and response in timely manner as well as to prevent the intrusion. On the other hand, IDS does not have the capability to capture the state of the system when an intrusion is detected Therefore it fails to preserve the evidences against the attack in original form and hence, digital evidence which is necessary in judicial proceedings for legal purpose cannot be produced in the court. The existing system used automatic digital forensic tool to capture the state of system when the intrusion occurs. But the damage control is yet to be considered. If the Alert log generated by IDS is altered tracking of intrusion will be fail. Our Primary aim is to focus on mitigation of damages done by an intrusion using firewall. We also used database to store the output log on another system to secure it.

Authors and Affiliations