With the growing use of the internet, the threats attached to it are also growing. As more and more people become dependent on the internet, hackers are inventing new ways to intrude into their systems and cause havoc for them. By intruding or by gaining unauthorized access to their computers, the hackers can access confidential information or can simply destroy their system and derive sadistic pleasure out of it. Thus, Intrusion Detection Systems (IDS) have become the need of the hour.

The large number of computers accessing the internet, and the valuable information they contain, has made it essential to ensure network security before establishing any kind of network. Hackers can adopt different methods to breach network security. The most common of them is gaining unauthorized access to information that is primarily private and confidential. This is very dangerous for a network, as this information can be misused or can be modified by the hacker, which is also known as data diddling. This kind of modification can render all the data stored on the computers connected to a network useless. Thus, it can result in total chaos and disorder for any organization or individual. Some hackers may even delete the data totally or may release a virus in the network that can corrupt all the files on the computers, including those of the operating system, which can render a computer totally useless. Some other forms of network security threats are remote login capability, SMTP hijacking, DNS, macros and OS bugs.

Because of these multiplying threats, Intrusion Detection Systems are gaining popularity and have become an integral part of the overall business strategy of an enterprise. The main purpose of an Intrusion Detection System is to identify any passive or active, and any internal or external, activity that is hostile to a network, and then to alert the concerned system administrator and also block it as it happens. Thus, it detects any unauthorized access or misuse of a computer system and acts like a burglar alarm for a computer. Over time many different Intrusion Detection Systems have been developed; however, the detection schemes generally fall into one of two categories: anomaly detection or misuse detection. Anomaly detectors pick out behavior that deviates from normal system use. Misuse detectors, on the other hand, look for behavior that matches a known attack scenario. Another sub-category of Intrusion Detection Systems is Network Intrusion Detection Systems (NIDS). These systems look out for suspicious activity and monitor the packets. Network Intrusion Detection Systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.

Usually it is assumed that people outside the network try to break into it and gain access to private and confidential information. However, the truth may be different for big corporate houses. Here, insiders pose a greater threat to the information and the overall security of the network. This is because they have an insider's knowledge of the workings of the company.

Hence, though network security threats are multiplying with the size of the network, we can still secure our networks by acting judiciously and by having the necessary Intrusion Detection Systems on our networks.
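
The two detection categories described above, side by side, as an added example that is not part of the original article. The log format, the per-user baseline, the three-failure signature and the deviation threshold are all assumptions, and the data is constructed. It shows why an insider with a valid login matches no signature yet still stands out against a profile of normal use.

```python
import re
from collections import Counter
from statistics import mean, stdev

# Constructed sample data, not real logs: bytes sent per past session, per user.
BASELINE = {"alice": [1200, 900, 1100, 1000, 1300],
            "bob": [400, 500, 450, 550, 480]}
LOG = [
    "src=10.0.0.5 user=alice action=login_ok bytes=1100",
    "src=203.0.113.9 user=root action=login_fail bytes=0",
    "src=203.0.113.9 user=root action=login_fail bytes=0",
    "src=203.0.113.9 user=admin action=login_fail bytes=0",
    "src=10.0.0.7 user=bob action=login_ok bytes=98000",
]
LINE = re.compile(r"src=(\S+) user=(\S+) action=(\S+) bytes=(\d+)")

def parse(lines):
    """Turn log lines into dicts, skipping lines that do not match the format."""
    events = []
    for line in lines:
        m = LINE.fullmatch(line.strip())
        if m:
            src, user, action, nbytes = m.groups()
            events.append({"src": src, "user": user,
                           "action": action, "bytes": int(nbytes)})
    return events

def misuse_detect(events, max_failures=3):
    """Misuse detection: match a known scenario (repeated failed logins per source)."""
    fails = Counter(e["src"] for e in events if e["action"] == "login_fail")
    return sorted(src for src, n in fails.items() if n >= max_failures)

def anomaly_detect(events, baseline, threshold=3.0):
    """Anomaly detection: flag sessions far from the user's own normal volume."""
    flagged = []
    for e in events:
        history = baseline.get(e["user"])
        if e["action"] != "login_ok" or not history or len(history) < 2:
            continue  # no usable profile to compare against
        spread = max(stdev(history), 1.0)  # guard against a flat history
        if abs(e["bytes"] - mean(history)) / spread > threshold:
            flagged.append((e["user"], e["bytes"]))
    return flagged

if __name__ == "__main__":
    events = parse(LOG)
    print("misuse:", misuse_detect(events))
    print("anomaly:", anomaly_detect(events, BASELINE))
```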