To Improve the Performance of Deep Packet Inspection for Network Intrusion Detection

Abstract

Intrusion Detection System (IDS) is a security management for computers and networks. newlineAn IDS gather and analyse information from various areas within a host or newlinenetwork to identify possible security breaches, which include both intrusions and misuse. newlineIDS are being developed in response to the increasing number of attacks on major newlinesites and networks. The protection of security is becoming increasingly complex because newlinethe possible technologies of attack are becoming ever more sophisticated. In newline1998, Institute of Chartered Secretaries and Administrators (ICSA.net) was a leading newlinesecurity assurance organization formed. The IDS Consortium is an open forum for newlineproduct developers, with the aim of disseminating information to the end user, and newlinedeveloping industry standards. newlineA legitimate information is stored on the computer system. Some information is newlineshared with other users. Some information is published for all. It is expected to get the newlinetarget audience. It is normal behaver of any network to utilize resources for optimum newlineuse. Due to some operating system and technology vulnerabilities the expected rules of newlinecommunication is deviated. This deviation to expected rule makes unauthorized access newlineto resources of networked host. The unauthorized access to information is attack. newlineThe attacks may share confidential information with unauthorized users and disclose newlineit without modification or modification. Original information remains there. newlineThese are called passive attacks. Active attacks, modify information and may be disclosed. newlineThe information originality lost. newlineIntrusion Detection and Prevention is an integral part of Deep Packet Inspection. newlineAttacks on individual host or network host. Attacks are divided into four major categories. newlineDenial of Services (DoS), Probe, User to Remote (U2R) and Remote to User newline(R2U). It covers all known attacks.