Comparative Study of Intrusion Detection System
Keywords:
Intrusion Detection, Detection Methods, Types Of Attacks, MechanismAbstract
In past few decades, there has been rapid progress in internet based technology and application areas for computer networks have emerged. But number of attacks on network has increased dramatically due to which interest of researchers in the network intrusion detection has also increased. Intrusion detection is a type of security management system for computers and networks. An intrusion detection system gathers and analyzes information from various areas within computer or network to identify possible security breaches, which include both intrusion and misuse. Intrusion detection system also helps in detecting anomalies in network traffic. Intrusion Detection system follows a two-step process. The first procedures are host-based and are considered the passive component, these include: inspection of the system`s configuration files to detect inadvisable settings; inspection of the password files to detect inadvisable passwords; and inspection of other system areas to detect policy violations. The second procedures are network-based and are considered the active component: mechanisms are set in place to reenact known methods of attack and to record system responses. Aim of this research paper is to review current trends in intrusion detection system and analyze current problems that exist in this area. Some key features, attacks detected by different types of IDs are explained in this paper.
References
N. Puketza, K. Zhang, M. Chung, B. Mukherjee and R. A. Olsson “A methodology for testing intrusion detection systems," Proc. IEEE Transactions on Software Engineering, vol. 22, pp. 719 -729, 1996.
Amrita Anand and Brijesh Patel, “An Overview on Intrusion Detection System and Types of Attacks It Can Detect Considering Different Protocols”, Proc. Ijarcsse Volume2, August2012, pp.310-325.
J. R. Winkler and W. J. Page”Intrusion and Anomaly Detection in Trusted Systems," Proc. Fifth Annual Computer Security Applications Conference, 1989.
D. E. Denning "An intrusion-detection model," IEEE Trans. on Software Engg., vol. SE-13, pp.222 -232 1987
F. Cuppens and A. Miege, "Alert Correlation in a Cooperative Intrusion Detection Framework," Proc. IEEE Symp. Security and Privacy, pp. 202-215, May 2002.
R. Durst, T. Champion, B. Witten, E. Miller and L. Spagnuolo, "Addendum to Testing and Evaluating Computer Intrusion Detection Systems," Proc. Comm. ACM, vol. 42, no. 9, p. 15, Sept. 1999.
R. Lippmann, D. Fried, I. Graf, J. Haines, K. Kendall, D. McClung, D. Weber, S. Webster, D. Wyschogrod, R. Cunningham and M. Zissman, "Evaluating Intrusion Detection Systems: The 1998 DARPA Off-Line Intrusion Detection Evaluation," Proc. DARPA Information Survivability Conf. and Exposition, vol. 2, pp. 12-26, Jan. 2000.
Karmore, Preetee K.; Bodkhe, Sonali T, “A Survey on Intrusion in Ad Hoc Networks and its Detection Measures,” Proc. International Journal on Computer Science & Engineering, 2011, vol. 3, Issue 5, pp. 1896-1903.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
