It is very important that the security mechanisms of a system are designed
so as to prevent unauthorized access to system resources and data. However, completely
preventing breaches of security appears, at present, unrealistic. We can, however,
try to detect these intrusion attempts so that action may be taken to repair the
damage later. This field of research is called Intrusion Detection.
while introducing the concept of intrusion detection in 1980, defined an intrusion
attempt or a threat to be the potential possibility of a deliberate unauthorized
b. manipulate information, or
c. render a system unreliable
Since then, several techniques for detecting intrusions have been studied. This paper
discusses why intrusion detection systems are needed, the main techniques, present
research in the field, and possible future directions of research.
There are two ways to handle subversion attempts. One way is to prevent subversion itself
by building a completely secure system. We could, for example, require all users
to identify and authenticate themselves; we could protect data by various cryptographic
methods and very tight access control mechanisms. However, this is not really feasible
In practice, it is not possible to build a completely secure system because bug
free software is still a dream, and no one seems to want to make the effort
to try to develop such software. Apart from the fact that we do not seem to be
getting our money's worth when we buy software, there are also security implications
when our E-mail software, for example, can be attacked. Designing and implementing
a totally secure system is thus an extremely difficult task.
The vast installed base of systems worldwide guarantees that any transition to
a secure system (if it is ever developed) will be long in coming.
Cryptographic methods have their own problems. Passwords can be cracked, users
can lose their passwords, and entire crypto-systems can be broken.
Even a truly secure system is vulnerable to abuse by insiders who abuse their
It has been seen that the relationship between the level of access control
and user efficiency is an inverse one, which means that the stricter the mechanisms,
the lower the efficiency becomes.
If there are attacks on a system, we would like to detect them as soon as possible
(preferably in real-time) and take appropriate action. This is essentially what
an Intrusion Detection System (IDS) does. An IDS does not usually take preventive
measures when an attack is detected; it is a reactive rather than pro-active agent.
It plays the role of an informant rather than a police officer.
The most popular way to detect intrusions has been by using the audit data generated
by the operating system.