Abstract: An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies. IDPSes have become a necessary addition to the security infrastructure of nearly every organization IDPSes typically record information related to observed events, notify security administrators of important observed events, and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g. reconfiguring a firewall), or changing the attack's content. In this paper, we examine the vulnerabilities of networks and say that we must include intrusion detection in the security architecture. We have showed such architecture and evaluated key mechanisms in this architecture such as applying intrusion detection, anomaly detection and misuse detection for both wired & wireless networks.
Keywords: IDS, Need for IDS, Types of IDS, Architecture
Title: Introduction to Intrusion Detection System
Author: Rajeev Singh
International Journal of Electrical and Electronics Research (IJEER)
Research Publish Journals
