EFFECTIVE INTRUSION DETECTION SYSTEMS USING HYBRID APPROACH

Abstract

- Conventional intrusion prevention methods such as firewalls, access management schemes or cryptography techniques, have not proved themselves to completely defend networks and systems from refined malwares and attacks. The Intrusion Detection Systems (IDS) proved to be the right salvage to the current issues and became an important element of any security infrastructure to sight these threats before they induce widespread harm. The basic aim of IDS is to detect attacks and their nature that may harm the computer system. Several different approaches for intrusion detection have been reported in the literature. These approaches are broadly categorized into three approaches: i) Signature-based approach ii) anomaly based approach and iii) hybrid approach that combines signature and anomaly detection approaches. Hybrid approach has been found to be superior that either signature based or anomaly based approaches. However, despite superior performance, the hybrid approach has till date failed to provide desired detection rate and time needed for detection.