Journal Article•
Network Intrusion Detection & Prevention
TL;DR: A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action.
Abstract: Intrusion detection is an important technology in business sector as well as an active area of research. It is an important tool for information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action. Today computers are part of networked; distributed systems that may span multiple buildings sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system. The network is also a pathway for intrusion. This system is designed to detect and combat some common attacks on network systems. It follows the signature based IDs methodology for ascertaining attacks. A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. In this system the attack log displays the list of attacks to the administrator for evasive action. This system works as an alert device in the event of attacks directed towards an entire network.
Citations
More filters
Posted Content•
TL;DR: A taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works, and a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion Detection systems.
Abstract: Intrusion detection has attracted a considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large quantities of data, with changing patterns in real time situations. The work presented in this manuscript classifies intrusion detection systems (IDS). Moreover, a taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works. This taxonomy and survey reviews machine learning techniques and their performance in detecting anomalies. Feature selection which influences the effectiveness of machine learning (ML) IDS is discussed to explain the role of feature selection in the classification and training phase of ML IDS. Finally, a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.
190 citations
TL;DR: This review can be used by the research community as a basis for abandoning the previous state-of-the-art cyber security benchmark datasets and starting to use the newly introduced benchmark dataset for effective and robust evaluation of machine learning and data mining-based intrusion detection system.
38 citations
01 Jan 2012
TL;DR: This thesis proposes implementation of a network intrusion detection and prevention system (IDPS) on the College’s network, which is an essential aspect of securing information and network resources.
Abstract: Nwogu, Emeka Joshua. 2012. Network Intrusion Detection and Prevention Systems in Educational Systems A case of Yaba College of Technology. Bachelor’s Thesis. Kemi-Tornio University of Applied Sciences. Business and Culture. Pages 66. Appendix 1. The objective of this thesis work is to put forward a solution for improving the security network of Yaba College of Technology (YCT). This work focuses on implementation of a network intrusion detection and prevention system (IDPS), due to constant intrusions on the YCT’s network. Various networks attacks and their mitigation techniques are also discussed, to give a clear picture of intrusions. The work will help the College’s administrators to become increasingly cautions of attacks and perform regular risk analyses. The research methodologies used in this work are descriptive and exploratory research. In addition, a questionnaire survey and interviews were used to collect data necessary for in-depth knowledge of the intrusions in the College. The choice of the research methods was found relevant for the current work. Furthermore, the researcher intended to gain an increased understanding of and provide a detailed picture of IDPS and the issues to consider when implementing the system. Network intrusion has been a security issue since the inception of the computer systems and the Internet. When breaking into a computer or network system, confidentiality, integrity and availability (CIA) are the three most aspect of security that are targets for intruders. The CIA, important aspects of security, and other network resources, need to be well protected using robust security devices. Based on the research tests and results, this thesis proposes implementation of IDPS on the College’s network, which is an essential aspect of securing information and network resources.
2 citations