With the growing use of the internet, the threats attached to it are also growing. As more and more people become dependent on the internet, hackers are inventing new ways to intrude into their systems and cause havoc for them. By intruding or by gaining unauthorized access to their computers, hackers can access confidential information or can simply destroy their systems and derive sadistic pleasure out of it. Thus, Intrusion Detection Systems (IDS) have become the need of the hour.

The large number of computers accessing the internet and the valuable information they contain have made it an essential task to ensure network security before establishing any kind of network. Hackers can adopt different methods to breach network security. The most common of them is gaining unauthorized access to information that is primarily private and confidential. This is very dangerous for a network, as this information can be misused or can be modified by the hacker; such modification is also known as data diddling. This kind of modification can render all the data stored on the computers connected to a network useless. Thus, it can result in total chaos and disorder for any organization or individual. Some hackers may even delete the data entirely or release a virus in the network that can corrupt all the files on the computers, including those of the operating system, which can render a computer totally useless. Some other forms of network security threats are remote login capability, SMTP hijacking, DNS, macros and OS bugs.

Because of these multiplying threats, Intrusion Detection Systems are gaining popularity and have become an integral part of the overall business strategy of an enterprise. The main purpose of an Intrusion Detection System is to identify any activity, passive or active, internal or external, that is hostile to a network, and then to alert the concerned system administrator and also block it as it happens. Thus, it detects any unauthorized access or misuse of a computer system and acts like a burglar alarm for a computer. Over time many different Intrusion Detection Systems have been developed; however, the detection schemes generally fall into one of two categories: anomaly detection or misuse detection. Anomaly detectors pick out behavior that deviates from normal system use. Misuse detectors, on the other hand, look for behavior that matches a known attack scenario. Another sub-category of Intrusion Detection Systems is Network Intrusion Detection Systems (NIDS). These systems monitor packets and look out for suspicious activity. Network Intrusion Detection Systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.

Usually it is assumed that people outside a network try to break into it and gain access to private and confidential information. However, the truth may be different for big corporate houses. Here, insiders pose a greater threat to the information and the overall security of the network. This is because they have an insider's knowledge of the workings of the company.

Hence, though network security threats are multiplying with the size of the network, we can still secure our networks by acting judiciously and by having the necessary Intrusion Detection Systems on our networks.
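The two detection categories described above, misuse detection and anomaly detection, can be contrasted in a short added example (not part of the original article). The login events, the failed-login signature, the per-user hour-of-day profile and all thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from statistics import mean, pstdev

# Constructed sample events: (epoch_seconds, user, source_ip, success)
BASELINE = [(d * 86400 + h * 3600, "alice", "10.0.0.5", True)
            for d in range(10) for h in (9, 10, 11)]
LIVE = [
    (864000 + 9 * 3600, "alice", "10.0.0.5", True),   # usual working hour
    (864000 + 3 * 3600, "alice", "10.0.0.5", True),   # 03:00 login, unusual
] + [(864000 + 12 * 3600 + i * 5, "bob", "192.0.2.7", False) for i in range(6)]

def misuse_alerts(events, max_failures=5, window=60):
    """Misuse detection: match a known scenario (assumed signature:
    max_failures failed logins from one source within `window` seconds)."""
    recent, alerted = defaultdict(deque), set()
    for ts, _user, src, ok in sorted(events):
        if ok:
            continue
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures outside the window
            q.popleft()
        if len(q) >= max_failures:
            alerted.add(src)
    return sorted(alerted)

def build_profile(events):
    """Learn each user's normal login hour (mean, std dev) from past logins."""
    hours = defaultdict(list)
    for ts, user, _src, ok in events:
        if ok:
            hours[user].append((ts % 86400) / 3600)
    return {u: (mean(h), pstdev(h)) for u, h in hours.items()}

def anomaly_alerts(events, profile, z_threshold=3.0):
    """Anomaly detection: flag successful logins far from the user's norm.
    Hour of day is treated linearly here, a simplification."""
    alerts = []
    for ts, user, _src, ok in events:
        if not ok or user not in profile:
            continue
        mu, sigma = profile[user]
        hour = (ts % 86400) / 3600
        if abs(hour - mu) / (sigma or 1.0) > z_threshold:
            alerts.append((user, hour))
    return alerts

if __name__ == "__main__":
    print("misuse :", misuse_alerts(LIVE))
    print("anomaly:", anomaly_alerts(LIVE, build_profile(BASELINE)))
```

Each detector catches what the other misses: the signature flags the burst of failures but not the valid 03:00 login, while the profile flags the odd-hour login but has no baseline for the unknown user.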