Methods of Reducing False Alerts by Intrusion Detection System

Prajakta Sandeep Jadhav

Abstract

To keep pace with the growth of information security as a discipline and with the improved strategies and tools of attackers, intrusion detection systems (IDSs) need to be deployed across the network. Organizations require security systems that are flexible and adaptable in order to combat the increasing threats from software vulnerabilities, virus attacks and other malicious code, as well as from internal attacks. To meet organizational objectives and requirements, intrusion detection systems must be effective. This paper gives an overview of the ability of intrusion detection systems to detect intrusions in computer systems, based on a thorough comparative theoretical study. Networks face a range of security threats, caused by intruders who either misuse their assigned privileges or gain access to the systems via the internet. The paper also highlights a mechanism for recovering data from corrupted processes, which can be incorporated into any intrusion detection system.

Keywords

Intrusions, Firewalls, Types of IDS, Misuse Detection and Anomaly Detection

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.