NETWORK INTRUSION DETECTION SYSTEM

Network Intrusion Detection System



Network Intrusion Detection System

Abstract

The internet usage popularity has few risks related to attacks of the network. Intrusion detection is the main problem in the security of the network. The aim of the intrusion detection is the identification of unauthorized access to provide security to the networks. Intrusion detection systems, in literature, have been drawn near by several techniques of machine learning However, there is not any paper present that understands and examines the present status of using techniques of machine learning for the purpose of solving the problems of intrusion detection. In this paper, we have analyzed the usage of various machine learning techniques by several researchers.

Introduction

The internet is an important tool today, and has become a major part of everyday life. It helps people in several areas such as business, education and entertainment, etc. Particularly the internet is being used as the major component of the models of business. For the operation of business, both the customer and business apply the application of internet like e-mail and website on the activities of business. As a result of this security of information using internet as the medium needs to be concerned carefully. Intrusion detection is a major problem in research fro personal and business networks.

There are many risks of Internet attacks in a network environment, since many are designed to block the system from Internet attacks. In fact, the intrusion detection system (IDS) supports a network from external attacks. In other words, the goal of IDS is to provide a wall of defense against Internet attacks on computer systems. IDS can be used in computer communication networks for the detection of malicious use of the system, while the traditional firewall can not perform this task. Intrusion detection based on the hypothesis that the intruder's behavior is different from an authorized user.

Overall, the IDS can be classified into two categories anomaly and misuse (signature) detection method based on their approaches of detection: The difference in the detection of anomalies is the normal use of the models that try to determine if the intrusion can be labeled. Whereas, misuse detection access to the user or system in the habit of abuse to detect known attacks to identify vulnerabilities (Dana, 2010).

In literature, the number of anomaly detection systems is designed based on various techniques of machine learning. For case in point, many studies relate particular technique of learning that is, neural networks, genetic algorithms, support vector machines, and so on. In addition, some systems based on a combination of different techniques of learning such as ensemble or hybrid techniques. In fact, these techniques are designed in the same way as classifiers, which are used to recognize or classify that whether the incoming access of internet is an attack or standard access (Ondrej, 2009).

Intrusion detection is the action of detection unnecessary traffic in a device or network. An Intrusion Detection System can be part of the software installed or a substantial device that checks the traffic of ...