Source of data that is another method, which is classified into Host based IDS and Network based IDS. Misuse IDS: Misuse based IDS is a very prominent system and is widely used in industries. This chapter examines the state of modern intrusion detection, with a particular emphasis on the emerging approach of data mining.
Kumra A, Jeberson W, Jeberson K. Intrusion detection systems (IDS) have become a necessary addition to the security infrastructure of nearly every organization.
Intrusion Detection System Based on Data Mining Techniques. Classification of IDS: Intrusion detection systems can be broadly classified based on two parameters: Analysis method used to identify intrusion, which is classified into Misuse IDS and Anomaly IDS.
Most of the organizations that develop anti-virus solutions base their design methodology on Misuse IDS.
The system is constructed based on the signatures of all known attacks.
The need for IDS in a system environment and the generic blocks in IDS are also mentioned. Intrusion detection is primarily focused on identifying possible incidents, logging information about them, and reporting attempts.
The examples are as follows: (1) Misuse intrusion detection system that uses state transition analysis approach, (2) Anomaly based system that uses payload modeling and (3) Hybrid model that combines the best practices of Misuse and Anomaly based intrusion systems. In addition, organizations use IDS for other purposes, such as identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies.
The anomaly IDS computes the similarity of the traffic in the system with the profiles to detect intrusions.
The biggest advantage of this model is that new attacks can be identified by the system, because they appear as deviations from normal behavior.
A particularly promising approach to anomaly detection combines association mining with other forms of machine learning such as classification.
Moreover, the data source that an intrusion detection system employs significantly impacts the types of attacks it can detect.