Cyberattacks are becoming more prevalent and threatening in our modern digital world but many home users, without large budgets for sophisticated security tools or skilled networks analysts, are left defenseless. Home networks are relatively small but still chaotic - with unrestricted use policies, various types of user endpoints (including vulnerable IoT devices), and new programs demanding more from home networks every day. The goal of our project is to research common attacks threatening home users and to prototype a system capable of helping users keep their home networks secure. The main threats focused on in our research were phishing webpages, endpoint computers being compromised with malware, and IoT device take-over. Virtualized lab environments were created using Docker for the purposes of generating “malicious” network traffic in a controlled environment. The captured traffic included various stages of connecting to phishing webpages as well as different communications and attacks carried out by a command-and-control (C2) server. We designed and prototyped an intrusion detection system (IDS) to find threats as they begin compromising a network and to efficiently communicate the detections to a non-technical home user so that they can secure their network. The IDS makes use of both malicious signature matching - using SNORT - as well as a machine learning (ML) for detecting attacks. The various detections are processed and displayed on a user-friendly dashboard. The IDS was designed to be host-centric, so the detections are related to potential compromise and mis-use of host devices. The dashboard also includes explanations of technical concepts and suggested actions for how users can secure their home network from detected threats.

• This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.

Creator

• Wang, Yonghua
• Faria, John
• Lai, Michael

Publisher

• Worcester Polytechnic Institute

Identifier

• 43571
• E-project-121621-121329

Advisor

• DeCarli, Lorenzo

Year

• 2021

Date created

• 2021-12-16

Resource type

• Major Qualifying Project

Major

• Computer Science

Rights statement

• In Copyright