Implementation, configuration and adaptation of IDS$/$NSM Linux distribution IDS Evasion

Outline of Assignment

An Intrusion Detection System $($IDS$)$ is a device $($or software$)$ that monitors a network or system for malicious activities or policy violations and creates alerts for any anomalous activity detected. IDS can be passive or reactive $($IPS$)$ and use statistical anomaly$-$based detection or signature$-$based analysis.

IDS does have limitations and a number of techniques exist that allow malicious users to carry out IDS evasion.

For this assignment, you are required to research the various IDS evasion techniques. Implement these IDS evasion techniques against open$-$source IDS Snort, Suricata or Zeek$/$Bro$.$ Furthermore, after implementing the evasion techniques train your IDS to detect the IDS evasion.

In addition, you should endeavour to utilise$/$implement the defence and analysis tools you have used in the lab to help detect sophisticated evasion, and protect against it$.$

IDS evasion techniques include $($not limited to$)$ payload obfuscation, packet fragmentation, packet overlapping, protocol manipulation, tunnelling, traffic insertion etc, advanced evasion techniques.