“A Study on the System Architecture of Hybrid Intrusion Detection System”

Published in Journal

International Journal of Information Technology and Management [IJITM] (Vol:3/ Issue: 1) DOI: 10.29070/IJITM
Authors: Monika Chauhan, Dr. Shishir Kumar,
Subjects: IT & Management

Year: Aug, 2012
Volume: 3 / Issue: 1
Pages: 0 - 0 (0)
Publisher: Ignited Minds Journals
Source:
E-ISSN: 2249-4510
DOI:
Published URL: http://ipublisher.in/p/3331
Published On: Aug, 2012

Article Details

“A Study on the System Architecture of Hybrid Intrusion Detection System” |

Monika Chauhan, Dr. Shishir Kumar, in International Journal of Information Technology and Management | IT & Management

Download PDF

View HTML

ABSTRACT:

Intrusionsdetection systems (IDSs) are systems that try to detect attacks as they occuror after the attacks took place. IDSs collect network traffic information fromsome point on the network or computer system and then use this information tosecure the network. Intrusion detection systems can be misuse-detection oranomaly detection based. Misuse-detection based IDSs can only detect knownattacks whereas anomaly detection based IDSs can also detect new attacks byusing heuristic methods. In this paper we propose a hybrid IDS by combining thetwo approaches in one system. The hybrid IDS is obtained by combining packetheader anomaly detection (PHAD) and network traffic anomaly detection (NETAD)which are anomaly-based IDSs with the misuse-based IDS Snort which is anopen-source project.