See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/316599266

INTRUSION DETECTION SYSTEM

Article in International Journal of Technical Research and Applications · April 2017

All content following this page was uploaded by Mohit Tiwari on 01 May 2017.

International Journal of Technical Research and Applications e-ISSN: 2320-8163,
www.ijtra.com, Volume 5, Issue 2 (March - April 2017), PP. 38-44

INTRUSION DETECTION SYSTEM


¹Mr Mohit Tiwari, ²Raj Kumar, ³Akash Bharti, ⁴Jai Kishan
¹Assistant Professor,
¹,²,³,⁴,⁵Department of CSE, Bharati Vidyapeeth's College of Engineering, New Delhi, India.
rajkumarengi97@gmail.com

Abstract— An Intrusion Detection System (IDS) is defined as a device or software application which monitors network or system activities and finds whether any malicious activity occurs. The outstanding growth and usage of the internet raise concerns about how to communicate and protect digital information safely. In today's world hackers use different types of attacks to obtain valuable information. Many intrusion detection techniques, methods and algorithms help to detect those attacks. The main objective of this paper is to provide a complete study of intrusion detection, types of intrusion detection methods, types of attacks, different tools and techniques, research needs and challenges, and finally to develop an IDS tool for research purposes that is capable of detecting and preventing intrusion by an intruder.

Index Terms— Intrusion Detection System, Need, Type of IDS, Detection Techniques, Functioning of IDS, Components, Application based IDS, Tools of IDS.

I. INTRODUCTION
In today's world internet security has become a challenge for organisations that need to protect credential data from intruders. To safeguard data, web firewalls, encryption, authentication and Virtual Private Networks (VPN) have long been deployed to secure the network infrastructure and communication over the internet. Intrusion detection is a relatively new addition to this set of security technologies.

IDS is an evolution which enhances network security and safeguards the data of the organisation. The IDS helps the network administrator to detect any malicious activity on the network and alerts the administrator so that the data can be secured by taking appropriate action against those attacks.

An intrusion refers to any unauthorized access to or malicious utilization of information resources. An intruder or attacker is a real-world entity that tries to find a means to gain unauthorized access to information, cause harm or engage in other malicious activities.

The intrusion detection system is closely related to firewall security. The firewall protects an organization from malicious attacks from the Internet. The IDS detects whether someone tries to get in through the firewall, or manages to break the firewall security and tries to access any system in the organization, and it alerts the system administrator if there is undesired activity in the firewall.

Therefore, an intrusion detection system (IDS) is a security system that monitors network traffic and computer systems and analyses that traffic for possible hostile attacks originating from outside the organization, and also for misuse of systems or attacks originating from inside the organization.

II. NEED
Nowadays the internet has become part of our daily life; in fact, the business world is getting connected to the Internet. A number of people are getting connected to the Internet every day to take advantage of the new business model known as e-Business. Connectivity enhancement has therefore become a very critical aspect of today's e-business.

There are two phases of business on the Internet. The first is that the Internet brings outstanding potential to business in terms of reaching users; at the same time, it also brings a lot of risk to the business. There are both harmless and harmful users on the Internet. While an organization makes its information system accessible to harmless Internet users, malicious users or hackers can also get access to the organization's internal systems for various reasons. These are:
• Software bugs called vulnerabilities in a system
• Failure in administration security
• Leaving systems in their default configuration

Intruders use different types of techniques, such as password cracking, peer-to-peer attacks, sniffing attacks, DoS attacks, eavesdropping attacks and application layer attacks, to exploit the system vulnerabilities mentioned above and compromise critical systems. Therefore, some kind of security is required to protect the private resources of the organization from the Internet as well as from users inside the organization.

III. TYPES OF INTRUSION DETECTION SYSTEMS:
There are two types of intrusion detection systems: the network based intrusion detection system and the host based intrusion detection system.

1. Network Based Intrusion Detection and Prevention System
A Network Based IDS (NIDS) resides in a computer or device connected to a segment of an organization's network and monitors network traffic on that segment, looking for ongoing attacks. To maintain the security of files in a network, various hashing algorithms such as MD5 are used. When a situation occurs that the network-based IDS is designed to recognize as an attack, it responds by sending notifications to administrators. A NIDS looks for attack patterns within network traffic, such as large collections of related items of a certain type, which could indicate that a denial-of-service attack is ongoing, or the exchange of a sequence of related packets in a certain pattern, which could indicate that a port scan is in progress. NIDSs are installed at a specific place in the network (a router is one example) from where it is
possible to watch the traffic going in and out of a particular network segment. It can be used to watch specific host computers on a network segment, or it can be installed to monitor all traffic between the systems that make up an entire network.

2. Host Based Intrusion Detection System
A Host Based Intrusion Detection System (HIDS) is placed on a particular computer or server, known as the host, and monitors activity only on that system. Host based intrusion detection systems can be further divided into two categories: signature-based (i.e. misuse detection) and anomaly based detection techniques. A HIDS monitors the status of key system files and detects when an intruder creates, modifies or deletes the monitored files. The HIDS then triggers an alert when one of the following changes occurs: file attributes are changed, new files are created, or existing files are deleted. The main difference between NIDS and HIDS is that the NIDS can access information that is encrypted when traveling through the network.

A. Usefulness of HIDS
• HIDS can detect local events on host systems and also detect attacks that may avoid network-based IDS.
• On a HIDS, encrypted traffic will have been decrypted and is available for processing.
• The use of switched network protocols does not affect a HIDS.

IV. INTRUSION DETECTION TECHNIQUES
The two types of IDS techniques are:

A. Anomaly Based Detection Technique: An anomaly-based intrusion detection system is a technique for detecting both network and computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous. The classification is based on rules, rather than patterns or signatures, and attempts to detect any type of malicious activity that falls outside normal system operation. Signature-based systems, by contrast, can only detect attacks for which a signature has previously been created.

A. Advantages of this anomaly detection method
The possibility of detecting novel attacks as intrusions; anomalies are recognized without going into their causes and characteristics; less dependence of the IDS on the operating environment (as compared with attack signature-based systems); ability to detect abuse of user privileges.

B. SIGNATURE BASED INTRUSION DETECTION:
Signature-based IDS refers to the detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware. The terminology originates from anti-virus software, which refers to these detected patterns as signatures. Even though a signature-based IDS can easily detect known attacks, it is impossible for it to detect new attacks, for which no pattern is available.

This technique automatically possesses the signature to detect the intruder. The misuse detection technique is created automatically, and the work is more complicated and more accurate than when done manually. Depending on the robustness and seriousness of a signature that is activated within the system, some alarm response or notification should be sent to the right authorities.

V. FUNCTIONS OF IDS
The IDS consists of four main functions, namely data collection, feature selection, analysis and action.

Figure 1: Functionality of IDS

1. Data collection: This module passes the data as input to the IDS. The data is recorded into a file and then analysed. A network based IDS collects and alters the data packets, and a host based IDS collects details like disk usage and the processes of the system.

2. Feature Selection: To select the particular feature large data is available in the network and they are usually evaluated
for intrusion. For example, the Internet Protocol (IP) address of the source and destination system, protocol type, header length and size could be taken as a key for intrusion selection.

3. Analysis: The data is analysed to find its correctness. A rule based IDS analyses the data by checking the incoming traffic against a predefined signature or pattern. Another method is the anomaly based IDS, where the system behaviour is studied and mathematical models are applied to it.

4. Action: This defines the reaction of the system to an attack. It can either inform the system administrator with all the required data through email or alarm icons, or it can play an active part in the system by dropping packets so that they do not enter the system, or by closing the ports.

VI. COMPONENTS OF AN INTRUSION DETECTION SYSTEM
There are three basic components of an IDS – Sensor (activity or packet capture engine, behavioural or signature detection engine), Backend (event recording database, alerting engine) and Frontend (user interface, command & control). A sensor forms the primary component of an IDS for detecting intrusions on a computer or a network. It captures packets to perform detection activities. It can employ signature based or anomaly based intrusion detection techniques. The backend of the IDS is concerned with logging the events detected by the sensors. Additionally, it performs the function of alerting. The backend can alert the administrator in various ways: logging events in the database, sending an e-mail, blocking a connection, resetting a TCP connection, and displaying the alert on the administrator's console. The frontend forms the IDS user interface. The user can view events that the sensor has detected, configure the IDS, and update the signature database and behavioural detection engine.

VII. WORKING OF AN INTRUSION DETECTION SYSTEM
The components of an IDS work in a structured manner to alert the administrator of an intrusion.

A. Sensor - It has two interfaces: first, the capture network interface and second, the management network interface. Its main function is to detect and report. As the sensor listens to network traffic by tapping into the network, the capture interface passes all the captured data into a buffer. The detection engine then examines the buffer contents and executes network protocol analysis. Signature based and anomaly based intrusion detection also happen here.

B. Backend - The backend is also regarded as the main function of an IDS. Its main function is to collect and alert. The events detected by the sensor are recorded in the event repository database system. The backend then determines how each event has to be responded to. E-mails, displays and blocking are used to respond to critical events.

C. Frontend - Command and Control: the IDS can be set up, configured and updated from the frontend by the user. All events collected by the backend are presented on the frontend. Thus, the frontend provides a convenient interface through which the user can manage these logged events. To obtain maximum benefit from an IDS, it has to be fine-tuned to report only significant events. Hence, the user can fine-tune the detection and response of an IDS through this console. If done with accuracy, the IDS will provide the user with adequately early warning of any intrusion.

VIII. APPLICATION BASED IDS (APIDS)
An APIDS checks the functional behaviour and events of the protocol. The system or agent is placed between a process and a group of servers, and it monitors and analyses the application protocol between devices. Intentional attacks are hostile attacks carried out by malcontent employees to cause harm to the organization, and unintentional attacks cause financial damage to the organization by deleting important data files. Numerous attacks take place across the OSI layers.

Denial-of-Service (DOS) Attacks: DOS refers to Denial-of-Service and is best defined as an attempt to make a computer(s) or network(s) unavailable to its intended users. Put another way, a Denial of Service attack is when an attacker tries to generate more traffic than you have resources to handle.

DOS and DDOS: In a DOS attack, one computer and one internet connection are used to overwhelm a server or network with data packets, with the only intention of overloading the bandwidth and available resources of the victim. A Distributed Denial of Service (DDOS) attack is the same, but it is amplified. Rather than one computer and one internet connection, a DDOS often involves millions of computers, all being used in a distributed manner to knock a web site, web application or network offline.

In both cases, whether by the DOS or the DDOS attack, the target is bombarded with data requests that have the effect of disabling the functionality of the victim.

SYN Attack: A SYN attack is also known as a Synchronization attack. Here, the attacker sends a flood of SYN requests to the
destination to use up the resources of the server and to make the system unresponsive.

Peer-to-peer attacks: A peer-to-peer or P2P network is a distributed network in which individual nodes in the network, called "peers", act as both suppliers (seeds) and consumers (leeches) of resources, in contrast to the centralized client–server model where the client server or operating system nodes request access to resources provided by central servers.

Ping of Death: A type of DOS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows onto the network. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting it into smaller segments that are reassembled at the end. Attacks took advantage of this limitation by fragmenting packets so that, when received, the reassembled packet would total more than the allowed number of bytes and would effectively cause a buffer overflow on the operating system at the receiving end, after which the system could crash.

Eavesdropping Attack: It is a scheme of interference in communication by the attacker. This attack can be carried out over telephone lines, instant messaging or email.

Identity Spoofing (IP Address Spoofing): Most operating systems and networks use the IP address of a computer to identify a valid entity on the network. In certain cases, it is possible for an IP address to be falsely assumed, which is identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid IP addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, re-route or delete your data.

Man-in-the-Middle Attack: As the name suggests, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at the lowest levels of the network layers, such as the physical layer, the computers might not be able to determine with whom they are exchanging data. Man-in-the-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you, because the attacker might be actively replying as you to keep the exchange of information going. This attack is capable of the same damage as an application layer attack, which is described below.

Application Layer Attack: An application-layer attack targets application servers by intentionally causing a fault in a server's OS or applications. This results in the attacker gaining the ability to bypass normal access controls. The attacker takes advantage of this situation, gaining control of your application, system or network, and can do any of the following:

• Read, add, delete or modify your data or operating system.
• Introduce a virus program that uses your computers and software applications to copy viruses throughout the entire network.
• Introduce a sniffer program to analyze your network and gain information that can be used to crash or corrupt your systems and network.
• Abnormally terminate your data applications or operating systems, and disable other security controls to enable future attacks.

Sniffer Attack: A sniffer is an application or device that can monitor, read and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet.

IX. TOOLS OF INTRUSION DETECTION
The intrusion detection products available today address a range of organizational security goals. The security tools are:

SNORT: Snort is lightweight, open source software. Snort uses a flexible rule-based language to describe the traffic from an IP address, and it records packets in human-readable form. Through protocol analysis, content searching and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans and other suspicious behaviour.

OSSEC-HIDS: OSSEC (open source security) is free, open source software. It runs on major operating systems and uses a client/server based architecture. OSSEC has the ability to send OS logs to the server for analysis and storage. It has a powerful log analysis engine and is used by many ISPs, universities and data centres. Authentication logs and firewalls are monitored and analysed by the HIDS.

KISMET: It is a guideline for WIDS (wireless intrusion detection systems). A WIDS deals with packet payloads and the events seen by the WIDS. It will find the rogue access point.

X. RESEARCH OF IDS TOOL
Software name: RAJ IDS
Integrated development environment (IDE): Visual Studio 2015
Language used: Visual Basic

Brief Description about the Project
An Intrusion Detection System (IDS) is defined as a device or software application which monitors network or system activities and finds whether any malicious activity occurs.

Need of IDS: The outstanding growth and usage of the internet raise concerns about how to communicate and protect digital information safely. In today's world hackers use different types of attacks to obtain valuable information. Many intrusion detection techniques, methods and algorithms help to detect those attacks.
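The SYN attack described in Section VIII leaves a recognisable trace in captured traffic: SYN packets that never receive the client's final ACK. The following added example (not code from the paper or from RAJ IDS) counts half-open handshakes per server endpoint, keyed on the destination because flood sources are often spoofed. The packet tuple, the threshold and the timeout are assumptions.

```python
from collections import namedtuple

# Constructed packet record holding only the TCP/IP header fields the check needs.
Pkt = namedtuple("Pkt", "ts src sport dst dport flags")


class SynFloodDetector:
    """Counts half-open TCP handshakes per server endpoint."""

    def __init__(self, max_half_open=5, timeout=10.0):
        self.max_half_open = max_half_open  # assumed alert threshold
        self.timeout = timeout              # seconds before a pending SYN is forgotten
        self.pending = {}                   # (dst, dport) -> {(src, sport): SYN time}
        self.alerted = set()                # endpoints currently in alert state

    def _expire(self, now):
        # Forget SYNs older than the timeout so slow, ordinary traffic never accumulates.
        for conns in self.pending.values():
            for client in [c for c, ts in conns.items() if now - ts > self.timeout]:
                del conns[client]

    def feed(self, pkt):
        """Update state with one packet; return an alert dict or None."""
        self._expire(pkt.ts)
        server, client = (pkt.dst, pkt.dport), (pkt.src, pkt.sport)
        if pkt.flags == "S":
            # New connection attempt: remember it until the client answers.
            self.pending.setdefault(server, {}).setdefault(client, pkt.ts)
        elif "S" not in pkt.flags:
            # Client ACK (handshake complete) or RST (aborted): no longer half-open.
            self.pending.get(server, {}).pop(client, None)
        half_open = len(self.pending.get(server, {}))
        if half_open <= self.max_half_open:
            self.alerted.discard(server)    # re-arm once the backlog has drained
            return None
        if server in self.alerted:
            return None                     # one alert per flood, not one per packet
        self.alerted.add(server)
        return {"ts": pkt.ts, "server": server, "half_open": half_open}


def scan(packets, **kwargs):
    """Run the detector over a packet list and collect the alerts."""
    det = SynFloodDetector(**kwargs)
    return [a for a in (det.feed(p) for p in packets) if a]


def handshake(ts, client_ip, client_port, server_ip, server_port):
    """Constructed three-way handshake: SYN, SYN-ACK, ACK."""
    return [
        Pkt(ts, client_ip, client_port, server_ip, server_port, "S"),
        Pkt(ts + 0.01, server_ip, server_port, client_ip, client_port, "SA"),
        Pkt(ts + 0.02, client_ip, client_port, server_ip, server_port, "A"),
    ]


def sample_traffic():
    """Constructed capture: three normal clients, then 20 SYNs that never complete."""
    pkts = []
    for i in range(3):
        pkts += handshake(0.1 * i, f"192.0.2.{10 + i}", 40000 + i, "10.0.0.5", 80)
    for i in range(20):
        # Every SYN claims a different source address and is never followed by an ACK.
        pkts.append(Pkt(1.0 + 0.01 * i, f"198.51.100.{i + 1}", 50000 + i,
                        "10.0.0.5", 80, "S"))
    return pkts


if __name__ == "__main__":
    for alert in scan(sample_traffic()):
        print(alert)
```

Completed handshakes and SYNs older than the timeout are removed from the count, so only a burst of unanswered SYNs to one endpoint raises the alert.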

● Log-Based Intrusion Detection System: Log analysis for intrusion detection is the process or set of techniques used to detect attacks on a specific environment using logs as the primary source of information.

Attacks and IDS Types:
Types of DoS attack: volume based attacks include UDP floods and ICMP floods; protocol based attacks include SYN floods, fragmented packet attacks and Ping of Death.

Types of IDS
1. Host based IDS: Software (an agent) installed on computers to monitor input and output data packets from the device; it performs log analysis, file integrity checking, real-time alerting and active response.
2. Network based IDS: Connected to network segments to monitor, analyse and respond to network traffic; a single IDS sensor can monitor many hosts.

Installing RAJ IDS: Installation is simple and easy. We implement RAJ IDS in two models.

➔ The two models are:
• Local (when you have just one system to monitor)
• Client/Server for centralized analysis (recommended!)

Functioning of RAJ IDS Tool: RAJ IDS is a host based IDS (intrusion detection system)/IPS (intrusion prevention system) tool with which we can monitor input and output data packets or traffic from the device. Using this tool the administrator also performs log analysis to find attack patterns in the logs. If a malicious attack pattern is found, such as a UDP flood, which is a type of DoS attack, the administrator informs the control unit, which takes action against the attack: it blocks the IP address of the intruder, stores the intruder's information in SQL Server and also traces the intruder's IP address. In this way we detect and prevent the intrusion.

Components of RAJ IDS:
1. Network sniffer: A packet analyser (also known as a packet sniffer) is a piece of software or hardware designed to intercept data as it is transmitted over a network and decode the data into a format that is readable for humans. As data streams flow across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet.
2. Identify intrusion using log based analysis: The packets received by the network sniffer are stored in a log file. These log files are used by the administrator to analyse the network traffic. If any malicious activity or attack is found in a log file, the administrator informs the control unit, which takes action against the attack. These log files will also be used for forensic purposes in future.
3. Sensor: The sensor reports to the administrator by sending an email with the log file. The admin analyses the log file and, if any attack is found, informs the control unit, which takes action against the attack.
4. Control Unit: The control unit takes action against an intruder's attack. It blocks the IP address of the intruder in the firewall of the system, stores the information about the intruder in SQL Server, blacklists the intruder's IP address using SQL Server and also traces the intruder's IP address.

RAJ IDS Architecture:

CONCLUSION
IDS are becoming a main part of many organizations' defences after firewall technology has been deployed at the network perimeter. IDS can offer protection from external users and from internal attackers, where traffic doesn't go past the firewall at all. However, the following points must always be kept in mind. If all of these points are not adhered to, an IDS implementation along with a firewall alone cannot make a highly secured infrastructure.

1. Strong identification and authentication: An IDS uses very good signature analysis mechanisms to detect intrusions or potential misuse; however, organizations must still ensure that they have strong user identification and authentication mechanisms in place.

2. Intrusion Detection Systems are not a solution to all security concerns: IDS perform an excellent job of ensuring that intruder attempts are monitored and reported. In addition, companies must employ a process of system testing, employee education, and development of and adherence to a good security policy in order to minimize the risk of intrusions.

3. An IDS is not a substitute for a good security policy: As with good security and monitoring products, an IDS functions as one element of a corporate security policy. Successful intrusion detection requires that a well-defined policy be followed to ensure that vulnerabilities, intrusions, virus outbreaks, etc. are handled according to corporate security policy guidelines.

4. Human intervention is required: The security administrator or network manager must investigate the attack once it is detected and reported, determine how it occurred, correct the problem and take the necessary actions to prevent the same attacks from occurring in future.

ACKNOWLEDGEMENT
I would like to express my sincere gratitude to Mr Mohit Tiwari, Assistant Professor, Department of CSE, BVCOE, New Delhi, India, for giving me the much needed encouragement to translate my in-depth research into a survey paper.
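The RAJ IDS workflow described in Section X (sniffer log, log analysis for a UDP flood pattern, control unit blacklisting the source IP), shown in Python as an added example; it is not the RAJ IDS Visual Basic code. The log line format, the threshold of 50 packets per one-second window and the table layout are assumptions, and an in-memory SQLite database stands in for SQL Server.

```python
import re
import sqlite3
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed sniffer log format (constructed for this example):
#   2017-03-01 10:00:05.120 UDP 203.0.113.7:4444 -> 192.168.1.10:9 len=1024
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) (?P<proto>[A-Z]+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) len=(?P<len>\d+)$"
)


def parse_line(line):
    """Return a dict for a well-formed log line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S.%f")
    return rec


def find_udp_floods(lines, threshold=50, window=timedelta(seconds=1)):
    """Log analysis: sources that send more than `threshold` UDP packets per window."""
    recent = defaultdict(deque)  # src -> timestamps still inside the sliding window
    offenders = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["proto"] != "UDP":
            continue  # corrupt records and other protocols are skipped
        q = recent[rec["src"]]
        q.append(rec["ts"])
        while rec["ts"] - q[0] > window:
            q.popleft()
        if len(q) > threshold and rec["src"] not in offenders:
            offenders[rec["src"]] = {
                "first_seen": q[0], "target": rec["dst"], "packets_in_window": len(q),
            }
    return offenders


def control_unit(db, offenders):
    """Control unit: store each new offender in the blacklist; return the IPs to block."""
    db.execute(
        "CREATE TABLE IF NOT EXISTS blacklist "
        "(ip TEXT PRIMARY KEY, reason TEXT, first_seen TEXT, target TEXT)"
    )
    to_block = []
    for ip, info in sorted(offenders.items()):
        if db.execute("SELECT 1 FROM blacklist WHERE ip = ?", (ip,)).fetchone():
            continue  # already blacklisted, nothing new to block
        db.execute(
            "INSERT INTO blacklist VALUES (?, ?, ?, ?)",
            (ip, "UDP_FLOOD", info["first_seen"].isoformat(), info["target"]),
        )
        to_block.append(ip)
    db.commit()
    return to_block


def sample_log():
    """Constructed log: light DNS traffic, one TCP line, one corrupt line, one UDP flood."""
    base = datetime(2017, 3, 1, 10, 0, 0)

    def line(offset_ms, proto, src, dst, size):
        ts = (base + timedelta(milliseconds=offset_ms)).strftime("%Y-%m-%d %H:%M:%S.%f")
        return f"{ts[:-3]} {proto} {src} -> {dst} len={size}"

    lines = [line(500 * i, "UDP", "192.168.1.20:5353", "192.168.1.1:53", 64)
             for i in range(10)]
    lines.append(line(0, "TCP", "192.168.1.20:50100", "192.0.2.80:443", 1200))
    lines.append("### truncated record ###")
    lines += [line(5000 + 2 * i, "UDP", "203.0.113.7:4444", "192.168.1.10:9", 1024)
              for i in range(200)]
    return lines


if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    found = find_udp_floods(sample_log())
    print("offenders:", found)
    print("to block:", control_unit(db, found))
```

The list returned by `control_unit` is what would be handed to the host firewall; a second run over the same log returns an empty list because the source is already in the blacklist table.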
