Bhakti and Sakshi
An Internship Report On
Intrusion Detection System
Submitted By
Bhakti Balu Sutar
Sakshi Shailendra Deshpande
IDS
ACKNOWLEDGEMENT
We would like to express our profound gratitude to Sunil Jaiswal, Scientist ‘F’,
Head of the Department of CGS, and Megha Pise Scientist ‘B’ of HEMRL for
their contributions to the completion of the project titled “Intrusion Detection
System”. Your useful advice and suggestions were really helpful to us during the
project’s completion. In this aspect, we are eternally grateful to you. Many thanks
to HEMRL for providing us the opportunity to complete our internship and
present this report by providing all the resources required.
Contents
1. Introduction
1.1. Motivation
1.2. Problem Statement
2. System Analysis
2.1. Existing Systems
2.2. Scope & Limitations of Existing Systems
2.3. Project Scope
3. Requirement Analysis
3.1. Fundamental Requirements
3.2. Performance Requirements
4. Security Requirements
5. System Design
5.1. ERD And Normalization
5.2. UML Diagrams
5.3. User Interface – Screens
6. Implementation Details
6.1. Software Specifications
6.2. Hardware Specifications
7. Test Cases
9. Limitation
1. Introduction
Perimeter Intrusion Detection Systems (IDS) play a crucial role in fortifying security measures by
providing real-time monitoring and alerting mechanisms to identify and respond to potential
breaches in designated areas. Traditional IDS often rely on a combination of physical barriers,
sensors, and surveillance technologies to detect intrusions. However, advancements in computer
vision, coupled with robust database integration, offer a more sophisticated and efficient approach
to perimeter security.
The project at hand introduces a comprehensive Intrusion Detection System leveraging
state-of-the-art technologies to enhance security measures. By integrating computer vision techniques,
specifically the YOLO (You Only Look Once) object detection model, the system can accurately
detect and classify objects within a monitored perimeter in real-time. This enables the system to
identify unauthorized individuals or objects entering restricted zones promptly.
The system is designed to define multiple polygons representing distinct security zones within the
perimeter. Each polygon delineates areas of varying importance or sensitivity, allowing for tailored
alert responses based on the detected intrusion’s location. Moreover, the system captures
screenshots of detected intrusions, providing visual evidence for subsequent analysis and
documentation.
Database integration forms a critical aspect of the project, facilitating the storage and retrieval of
intrusion data for archival and forensic purposes. By leveraging a PostgreSQL database, the system
securely stores relevant information, including timestamps, alert types, messages, and
accompanying screenshots. This centralized repository enables security personnel to access
historical intrusion data, analyze patterns, and refine security protocols proactively.
Real-time feedback mechanisms, including visual alerts overlaid on surveillance footage and
audible alarms, ensure timely notification of security breaches. By combining these features, the
system empowers security personnel to respond swiftly and decisively to potential threats,
mitigating risks and enhancing overall security posture.
1.1 Motivation
The motivation for an Intrusion Detection System (IDS) stems from the critical need to secure
sensitive areas and deter unauthorized access. Here are some key reasons why IDS are crucial:
• Security Enhancement: IDS act as a first line of defence, creating a virtual barrier around
protected zones. By detecting intrusions early, they deter potential trespassers and enable
security personnel to intervene promptly.
• Reduced Risk of Theft and Damage: Early detection of unauthorized activity minimizes the
risk of theft, vandalism, or sabotage of valuable assets or infrastructure.
• Improved Incident Response: IDS provide real-time alerts and detailed information about
intrusion location and severity, allowing security teams to respond efficiently and strategically.
• Forensic Analysis: IDS generate logs and store screenshots of intrusions, providing valuable
evidence for investigations and potential legal proceedings.
• Data-driven Security Insights: Data collected by IDS over time can be analyzed to identify
trends and patterns of attempted intrusions, enabling proactive security adjustments.
In essence, IDS play a vital role in safeguarding people, property, and critical infrastructure by
deterring intrusions, enabling faster response times, and providing valuable data for continuous
security improvement.
2. System Analysis
3. Requirement Analysis:
3.1. Fundamental Requirements
These requirements define the core functionalities of the IDS, acting as the building blocks for its
operation:
o Continuous Perimeter Monitoring: The IDS shall continuously monitor designated
perimeter areas using video surveillance feeds from strategically positioned cameras.
o Object Detection: The system shall leverage a pre-trained object detection model,
such as YOLO, to identify people within the video frames captured by the cameras.
o Zone-based Intrusion Detection: Virtual zones (geofences) will be defined within the
perimeter to categorize intrusion severity based on location. These zones will be
visually represented on the video feed for intuitive monitoring.
o Automated Alerts: Upon detecting a person within a restricted zone (e.g., red zone),
the system shall trigger visual alerts overlaid on the live video feed, clearly indicating
the intruded zone and time of occurrence.
o Severity-based Audio Alerts: The IDS shall generate distinct audio alerts for different
intrusion severities. For example, a high-pitched tone might signal a critical intrusion
in a red zone, while a lower-pitched tone could indicate a less severe intrusion in an
orange zone.
o Intrusion Logging: The system shall meticulously log intrusion data in a secure
database. This data should include timestamps, alert types (zone and severity),
messages, and screenshots captured during intrusion events.
o Data Export: The IDS shall provide a mechanism to export intrusion data in a CSV
format. This facilitates further analysis of security incidents, identification of patterns,
and potential integration with other security systems for a holistic security approach.
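The zone-based detection requirement above, sketched as an added example that is not the project's own code. The zone coordinates, severities and the `classify` helper are constructed for illustration, and a plain ray-casting test stands in for the shapely call so the block runs without dependencies. The person is located by the bottom-centre of the bounding box, and the most severe zone wins where zones overlap.

```python
from typing import List, Optional, Tuple

Point = Tuple[float, float]
Box = Tuple[float, float, float, float]  # (x1, y1, x2, y2) as a detector would report it

# Constructed zones in pixel coordinates; the nesting is deliberate so that
# overlap has to be resolved by severity.
ZONES = [
    {"name": "red", "severity": 3, "polygon": [(300, 200), (500, 200), (500, 400), (300, 400)]},
    {"name": "orange", "severity": 2, "polygon": [(200, 100), (600, 100), (600, 500), (200, 500)]},
    {"name": "yellow", "severity": 1, "polygon": [(50, 50), (750, 50), (750, 550), (50, 550)]},
]


def point_in_polygon(pt: Point, poly: List[Point]) -> bool:
    """Ray casting: toggle on every edge crossed by a ray running right from pt."""
    x, y = pt
    inside = False
    for i in range(len(poly)):
        (x1, y1), (x2, y2) = poly[i], poly[(i + 1) % len(poly)]
        if (y1 > y) != (y2 > y):  # edge straddles the ray's height
            x_cross = x1 + (y - y1) * (x2 - x1) / (y2 - y1)
            if x < x_cross:
                inside = not inside
    return inside


def foot_point(box: Box) -> Point:
    """Bottom-centre of the box: where the person stands on the ground plane."""
    x1, _, x2, y2 = box
    return ((x1 + x2) / 2, y2)


def classify(box: Box) -> Optional[str]:
    """Return the most severe zone containing the person, or None if outside all zones."""
    pt = foot_point(box)
    hits = [z for z in ZONES if point_in_polygon(pt, z["polygon"])]
    if not hits:
        return None
    return max(hits, key=lambda z: z["severity"])["name"]
```

Using the foot point rather than the box centre avoids raising a red-zone alert for a tall box whose upper part overlaps the red polygon while the person stands outside it.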
4. Security Requirements
The Intrusion Detection System (IDS) plays a vital role in safeguarding sensitive areas. To ensure the
integrity of the security system itself, robust security measures are essential. This section outlines the
key security requirements implemented in the IDS design.
Data Security
• Data Confidentiality: Intrusion data, including timestamps, alert types, messages, and
screenshots, are encrypted at rest (using industry-standard algorithms) and in transit (using
secure protocols like HTTPS) to prevent unauthorized access. Additionally, access controls
within the PostgreSQL database restrict data visibility to authorized personnel with designated
roles and permissions.
• Data Integrity: Measures are in place to ensure data accuracy and prevent tampering. Digital
signatures or checksums are employed to verify data integrity during storage and retrieval,
safeguarding against potential modifications.
• Data Availability: Regular data backups are implemented following the 3-2-1 backup rule (3
copies, 2 different media, 1 offsite location) to ensure data accessibility in case of hardware
failures, cyberattacks, or accidental deletion. Recovery procedures are documented and tested
to facilitate a swift restoration process if needed.
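One way to realise the data-integrity bullet above, as an added example rather than the project's code: each alert row carries an HMAC-SHA256 tag chained to the previous row's tag, and the screenshot is bound to the row by its SHA-256 digest. The key, field names and sample rows are constructed assumptions, and a Python list stands in for the PostgreSQL alerts table.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption): a real key is kept outside the database.
KEY = b"constructed-demo-key"
GENESIS = "0" * 64  # tag that precedes the first row


def chain_tag(prev_tag, record):
    """HMAC-SHA256 over the previous row's tag plus this record, canonically serialised."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(KEY, prev_tag.encode() + body, hashlib.sha256).hexdigest()


def append_alert(log, timestamp, alert_type, message, screenshot):
    """Append one alert row; screenshot is the raw image bytes saved for this alert."""
    record = {
        "timestamp": timestamp,
        "alert_type": alert_type,
        "message": message,
        "screenshot_sha256": hashlib.sha256(screenshot).hexdigest(),
    }
    prev = log[-1]["tag"] if log else GENESIS
    log.append({"record": record, "tag": chain_tag(prev, record)})


def verify_log(log):
    """Return the index of the first row that fails verification, or None if intact."""
    prev = GENESIS
    for i, row in enumerate(log):
        if not hmac.compare_digest(row["tag"], chain_tag(prev, row["record"])):
            return i
        prev = row["tag"]
    return None


def screenshot_matches(row, screenshot):
    """Check that a stored screenshot file is the one recorded with the alert."""
    digest = hashlib.sha256(screenshot).hexdigest()
    return hmac.compare_digest(row["record"]["screenshot_sha256"], digest)


def sample_log():
    """Three constructed alerts standing in for rows read back from the database."""
    log = []
    append_alert(log, "2024-01-01T10:00:00", "red", "Person in red zone", b"png-bytes-1")
    append_alert(log, "2024-01-01T10:05:00", "orange", "Person in orange zone", b"png-bytes-2")
    append_alert(log, "2024-01-01T10:09:00", "red", "Person in red zone", b"png-bytes-3")
    return log
```

Editing or deleting a row in the middle breaks the chain at that index; removing rows from the end does not, so the latest tag also needs to be recorded somewhere the database user cannot write.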
System Access Control
• User Authentication: Strong user authentication mechanisms are enforced, requiring complex
passwords and potentially multi-factor authentication to restrict unauthorized system access.
User roles and permissions are defined to grant appropriate access levels for configuration,
monitoring, and data retrieval functions, adhering to the principle of least privilege.
• Secure Communication: Secure communication protocols (e.g., HTTPS) are employed for all
data transmission between the IDS system, video cameras, and the database. This safeguards
against eavesdropping or data modification attempts on the network.
System Hardening
• Software Updates: A regular update schedule is established for the IDS software, object
detection model (YOLO), and operating system to address security vulnerabilities promptly.
This proactive approach helps minimize the system's exposure to potential exploits.
• Network Security: The network is segmented to isolate the IDS system from non-critical
systems, reducing the attack surface. Firewalls are implemented to filter incoming and outgoing
network traffic, restricting access only to authorized sources.
• Secure Coding Practices: Secure coding practices are followed during development to
minimize vulnerabilities such as SQL injection attacks or buffer overflows. This includes code
reviews, input validation, and proper data sanitization techniques.
Physical Security
• Physical Access Control: Physical access to the hardware running the IDS system is restricted
to authorized personnel only. Server rooms or cabinets are secured with appropriate locking
mechanisms to prevent unauthorized tampering.
• Environmental Controls: The server environment is maintained within appropriate
temperature and humidity ranges to prevent hardware damage, which could compromise system
availability.
5. System Design
5.1. ERD
5.2. UML Diagrams
5.2.1. Flowchart
5.2.5. Activity Diagram
6. Implementation Details
6.1. Software Specifications
1. Python Version: The project is written in the Python programming language.
2. Libraries Used:
• ultralytics: Used for object detection, particularly the YOLO (You Only Look Once)
model.
• cv2 (OpenCV): Utilized for image processing and computer vision tasks.
• numpy: Used for numerical computing.
• shapely: Utilized for geometric operations.
• psycopg2: A PostgreSQL adapter for Python, used for database connectivity.
• datetime: Used for timestamp generation.
• pygame: Utilized for playing sounds.
• csv: Used for reading and writing CSV files.
3. Object Detection Model:
• YOLOv8n: A deep learning model used for real-time object detection.
4. Database:
• PostgreSQL: Database management system used for storing alert data and associated
information.
5. Operating System: The project is assumed to be developed and deployed on a system
compatible with Python and required libraries. It doesn't explicitly specify the OS.
6.2. Hardware Specifications:
1. Processor: The performance of the object detection system may vary depending on the CPU
capabilities. A multi-core processor is preferable for faster processing, especially during
real-time video analysis.
2. Graphics Processing Unit (GPU): Utilization of GPU acceleration can significantly enhance
the performance of deep learning-based tasks such as object detection. However, the project
doesn't specify GPU usage explicitly.
3. Memory (RAM): Sufficient RAM is essential for handling image/video data and running
deep learning models efficiently.
4. Storage: Adequate storage space is required for storing video files, images captured during
detection, and database storage.
5. Camera: Depending on the deployment scenario, appropriate cameras are required for
capturing the surveillance footage.
6. Sound Output: Output devices such as speakers or headphones are necessary for playing
alert sounds.
7. Test Cases
| S.No | Action | Inputs | Expected Output | Actual Output | Test Browsers | Result | Comments |
|------|--------|--------|-----------------|---------------|---------------|--------|----------|
| 1 | Successful Login | Enter Correct username and password | Login Successfully | Login Successfully | Chrome | Pass | User successfully logged in with valid credentials. Redirected to the user dashboard as expected |
Recommendations
• Model Enhancement:
o Explore more advanced object detection models for greater accuracy and robustness
in diverse lighting and weather conditions.
o Investigate multi-object tracking to monitor individuals' paths and behaviors for
enhanced threat assessment.
• Alert Refinements:
o Implement customizable alert thresholds and notification preferences (e.g., email, text
messages) for tailored responses.
o Integrate with existing security systems or platforms for centralized monitoring and
response.
• Data Utilization:
o Develop visualization tools or dashboards to analyze intrusion patterns and trends.
o Explore integration with machine learning techniques for adaptive threat prediction
and proactive security measures.
• Performance Optimization:
o Optimize code for real-time processing efficiency, particularly for high-resolution
video streams.
• Security Considerations:
o Implement cybersecurity measures to protect system integrity and prevent
unauthorized access to sensitive data.
o Regularly update software libraries and dependencies to address potential
vulnerabilities.
9. Limitation
• Model Reliant:
The system relies on the YOLOv8n model's accuracy for person detection. Factors like
limited training data, pose variations, and occlusions can lead to misidentification or missed
detections.
• Zone Specificity:
The system is currently configured for three predefined zones. Complexities like irregular
perimeters or overlapping zones might require modifications for accurate intrusion
pinpointing.
• False Alarms:
External factors like animals, lighting changes, or shadows can trigger false alarms, requiring
manual verification and potentially delaying appropriate responses.
• Limited Coverage:
The system focuses on person detection. Other potential threats, like drones or climbing
attempts, might go unnoticed without additional security measures.
• Data Security:
The system stores data in a PostgreSQL database. Robust security practices are essential to
prevent unauthorized access and potential data breaches.
• Real-time Processing:
High-resolution video or multiple camera feeds can strain processing capabilities, potentially
leading to delays in detection and response.
• Environmental Constraints:
Outdoor deployments necessitate weatherproofing considerations and potential limitations
due to adverse weather conditions impacting image quality.
Cybersecurity Fortification:
o Implement robust security protocols and encryption mechanisms to safeguard sensitive data
stored within the system and during transmission.
o Regularly update software dependencies and conduct vulnerability assessments to maintain a
strong security posture.
o Leveraging artificial intelligence (AI) and machine learning (ML) algorithms can enable the
IDS to predict potential security breaches based on historical data and real-time observations,
allowing for proactive threat mitigation.
Autonomous Response Mechanisms:
o Implementing autonomous response mechanisms, such as automated drone patrols or robotic
security guards, can further strengthen perimeter security and reduce human intervention
requirements.