{"id":480,"date":"2024-09-20T20:08:27","date_gmt":"2024-09-20T20:08:27","guid":{"rendered":"https:\/\/dev.www.purdue.edu\/polytechnic\/livlab\/?page_id=480"},"modified":"2025-09-19T16:30:57","modified_gmt":"2025-09-19T16:30:57","slug":"security-projects","status":"publish","type":"page","link":"https:\/\/www.purdue.edu\/polytechnic\/livlab\/security-projects\/","title":{"rendered":"Security Projects"},"content":{"rendered":"\n
\n
\n
\n \n

Security projects<\/h1>\n \n
\n\n \n

<\/p>\n\n <\/div>\n \n <\/div>\n <\/div>\n

\n \"\"\n <\/div>\n <\/div>\n\n
\n
\n
\n

NETWORK SECURITY<\/h1>\n
\n \n\n

Projects that cover network security.<\/p>\n\n <\/div>\n <\/div>\n <\/div>\n<\/div>\n\n\n

\n
\n
\n
\n

security<\/h2>\n <\/div>\n
\n
\n
\n
\n
\n
\n
\n
\n \"\"\n\n <\/div>\n <\/div>\n
\n
\n

Security Analyst \u2013 IDS\/IPS<\/h3>\n

The university course\u2019s campus network already has an Intrusion Detection System in place. The intrusion detection system\u2019s current status was not functioning properly in some regards. The system tended to produce \u201cfalse positives\u201d, or alerts that are triggered by harmless sources on the network at an aggressive level. It has since been improved and the issues have been resolved. <\/p>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n

\n
\n
\n
\n \"\"\n\n <\/div>\n <\/div>\n
\n
\n

Wazuh: An Intrusion Detection System<\/h3>\n

Wazuh is an open-source intrusion detection system that uses individual agents to monitor user and network activities on a host-basis. Suspicious activity is reported using alerts via email. Agents were deployed to the workstations in the Living Lab through the use of group policy management. The Auto-OSSEC tool developed by Binary Defense Systems provides automatic provisioning for agents in order to provide their authentication key. Kibana is a web interface that can manage agents and mine data. <\/p>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n

\n
\n
\n
\n \"\"\n\n <\/div>\n <\/div>\n
\n
\n

IDS Network Security<\/h3>\n

The objective was to install an intrusion detection system (IDS) for a university course. The client wanted an IDS installed and configured within the server room overseeing the computer lab that CIT students used for both classes and lab. The administration wanted a setup that allowed them to view student activity on the network. For this project, a decision was made to use SELKS for the IDS because it is open source and comes with community rules. Additionally, SELKS hosts several different programs that help fill out the features of the IDS. Once fully operational, it will be able to block ports on lab computers, when malware or viruses are detected. This is technically an ongoing project since the IDS requires maintenance and investigations are conducted when alerts occur. Additionally, rules can be implemented to detect violations of the school\u2019s internet usage policy. Student Team Members: Joshua Waggoner and Scott Marley <\/p>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n

\n
\n
\n
\n \"\"\n\n <\/div>\n <\/div>\n
\n
\n

Network \/ Security Analysts<\/h3>\n

This project integrated multiple programs and software to enhance the security and monitoring of the Living Lab network. Some tools such as Proxmox, GRR, Spiceworks, OSQuery, Veyon were used to create the proper environment for monitoring and examining the lab network and PCs. These tools allow for monitoring of individual PCs, and Veyon can control the Living Lab computers in ET 007A and ET 007B. Monitoring the network and reporting any critical issues lies within the scope of the project. Another aspect of the project was implementing active directory services for the Living Lab. This includes ensuring options for disaster recovery, fail-over, Windows Server Update Services (WSUS), and more. This will be used to help monitor the workstations and servers used in the Living Lab going forward. <\/p>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n

\n