INTRUSION DETECTION SYSTEM An Approach for Finding Attacks | Author: Ashutosh Kumar, Mayank Kumar Mittra | Abstract: Traditionally, firewalls are used to prevent intruders from mounting an attack. But they have static configurations that block attacks based only on source and destination ports and IP addresses. These are not sufficient to provide security against all attacks. Therefore, we need an IDS that identifies all types of attacks and generates an alarm. The proposed IDS works in two phases. In Phase I, a database is maintained on the server side that contains the authorized IP addresses of the Local Area Network (LAN). Incoming IP addresses are then matched against the stored ones. We look for a perfect match; this value depends on a lower or higher threshold value. The value indicates the infected packets, which are reported to the administrator through an alert message such as an email. In Phase II, the proposed concept includes state protocol analysis and packet filtering techniques. Finally, the proposed IDS can effectively and efficiently detect attacks similar to DoS, U2R and RST. Experimental results also show that the proposed method can effectively detect attacks similar to TCP SYN flood and other attacks.