Network Intrusion Detection Systems - Essay Example

Network Intrusion Detection systems Introduction Network Intrusion Detection systems are widely used andthey are one of the major component in a network. These systems help to prevent the intrusion and attacks by using a unique mechanism. Intrusion detection system detects and protects the network system from threats and attacks. It is the most important component of the network system. It is mandatory for the network systems to install an intrusion detection system to easily manage the attacks and resolve the issues. (Mun 2009). There are various types of intrusion systems and they are implemented based on the network system. These intrusion systems have been designed using various techniques. The intrusion system designed with the help of classification technique is the popular ones as it provides more security to the systems in which it is installed. The classification technique is used to classify the type of attack the system faces. (Base 2000).The intrusion system has the responsibility of protecting the system and preventing the attacks. Network intrusion systems using classification techniques are widely used and there are many articles have been written on this system. According to Mun the intrusion detection system works well only if the system is selected based on the type of network. The intrusion detection system must be selected to suit the network. There are various types of networks and the system must make sure that it satisfies the network's requirements. The classification technique is used in the intrusion systems to classify and divide the attacks and threats. (Mun 2009).This technique is preferred by most of the network administrators due to its compatibility and efficiency. The intrusion systems work well only when the network's requirements are satisfied. The intrusion detection systems are generally classified into network based intrusion detection systems and host based intrusion detection systems. Network based intrusion system makes use of classification technique since it offers more protection when compared to the other techniques. The systems which are built using classification technique protect each layer of the network. The Ethernet of IP and the other layers are protected and they can be free from intruders. (Northcutt, Noval 2003).Since the classification technique based intrusion detection systems protects the network and its layers from intrusion, it is one among the best intrusion detection systems. Though intrusion system built with classification technique offers more protection, the intruders make use of varying techniques that can pose threat to the other parts of the system. Mun's views about the classification technique and the intrusion detection system favor only the small scale network systems. The system is not much effective in dealing the network in a large scale. As defined by Song, the intrusion systems that implements classification technique are much better than systems that are developed using other techniques. Some of the systems built with classification technique classify the packets that enter into the network. (Song 2005).Each network will have packet transfer within the systems in the same network and also with the systems from the other networks. The packets enter the network only after the network admi9nistrator permits the packet. Each packet is thoroughly examined for any attacks and threats. If any packet with threat is detected, they are immediately discarded by the intrusion system. There are two types of intrusion systems, intrusion detection and intrusion prevention systems. The intrusion detection systems detect the attacks and threats and stop them from attacking the network system. The prevention systems protect the network system from getting affected by these threats. The key issues and concepts specified by Song are applicable for systems that implement packet classification. The systems that use intrusion detection systems with an enhancement of packet classification have other disadvantages. Song's concept works well for systems which transfer packets frequently. The weakness of the paper is it does not concentrate on the entire working of the intrusion system. It focuses only on the inspection of the packet. It does not specify about the effectiveness of the classification technique. According to Handley the intrusion detection system must be designed by keeping in mind the environment of the network. If the network is prone to more traffic then the intrusion detection system must be more efficient. The detection system must minimize the ambiguities created by the network traffic. It should protect the system from the traffic created by the hackers and intruders. (Handley 2001).The classification technique in intrusion detection systems are built in the path of the network. This helps in packet filtering. Packet filtering is an important concept, since the incoming and outgoing packets carry information that needs protection. If packet filtering technique is applied, the vulnerability of the security attacks can be minimized. Handley's paper emphasizes on the safety of the packet. The safety of the network system should be managed by implementing a system that protects the network from intruders and hackers. The strength of the paper is the due emphasize and concentration on the flow of packet. Even though packets play a major part in the network system, the other components of the system are equally important. According to Kazienko , intrusion detection systems act as a security to the network for which it is installed. The network is intruded by malicious users and this poses a high security threat to the network system. The intrusion detection systems are designed with the help of classification techniques. The key issue and the basis of research are to find out which classification technique works well when combined with the intrusion detection system. The classification techniques like k-mean method and neural networks are used in designing intrusion detection systems.(Kazienko 2004). Any one of these classification techniques is implemented in the intrusion detection systems. By using these methods the systems become more secure. There are certain limitations in developing an intrusion detection system with the help of classification technique. Neural network technique is of high efficiency and it has the capability of exhibiting high accuracy when compared to the other classification techniques. The disadvantage of neural networks is it takes more time in executing the intrusion detection. Still it is preferred due to its accuracy. (Hofmeyr 1998).Another classification technique is support vector and this gives minimal accuracy within a short period of time. Though Kazienko specifies the advantages of the classification technique, this paper have certain limitations. The accuracy of the intrusion system is the important aspect. If the accuracy is less, then the system does not yield good results. The paper must have included more details regarding the classification techniques and their limitations. As defined by Zhang, the wireless network system is the toughest task. Instead of developing intrusion detection systems for normal network systems, companies can design and develop intrusion detection systems for wireless networks. Wireless network systems are more prone to attacks and threats. Thus it requires an intrusion detection system that is of more efficiency. The system must be able to handle the attack sand threats and make sure the system is not vulnerable to such intrusions.(Zhang 2000). As wireless networks rely more on these intrusion detection systems, detection system must be selected with utmost care. The denial of service attacks is the remarkable improvement in the network systems. Zhang emphasizes more on the vulnerability of wireless systems and how to overcome it. Even though wireless systems are being used, it has not gained much popularity like the normal network systems. The paper does not give due importance to the classification techniques used in the intrusion detection systems that are used in wireless network systems. The papers that explain about the various intrusion detection systems concentrate more n the working of the system rather than the design and development of intrusion detection systems. Most of the detection systems that are built with classification techniques are the ones that are more effective in dealing with the intrusion attacks. The limitations and the disadvantages are more in the systems that deal with bigger network systems. Conclusion The network systems must ensure that the intrusion detection systems are selected according to the network. The working of the intrusion detection system depends on the network and the functionalities within the network. The intrusion detection systems built with classification technique are more effective when compared to the other intrusion detection systems. Reference Mun, Y. Network Intrusion Detection and Prevention Systems. (2009). Web. 27 Feb.2010. Zhang, Y. Intrusion Detection Systems. (2000). Web. 28 Feb.2010. Song, H. Packet Classification for Intrusion Detection. (2005). Web. 27 Feb 2010. Hofmeyr, S. Intrusion Detection Using Sequence of System Calls. (1998). Web. 28 Feb 2010. Handley, M. Network Intrusion Detection: Evasion, Traffic Normalization. (2001): 9-10. Web. 27 Feb 2010. Kazienko, P. Intrusion Detection systems (IDS). Classification, Methods and Techniques. (2004). Web. 27 Feb 2010. Base, R. Intrusion Detection. U.S.A: Macmillan Technical Publishing, 2000. Northcutt, S, and Novak,J. Network Intrusion Detection. U.S.A: New Riders Publishing, 2003. Read More