Create an 8-page essay paper that discusses Combining Anomaly and Signature based Intrusion Detection Systems to offer superior detection.
Index Terms – Anomaly Based IDS, FIDRAN, Signature based IDS,

I. Introduction

The Internet continues to modernize the world’s economy. It is changing the way people live, study, work, participate, and consume. At the hub of this revolution is technology. Technology has moved from the "back office" to the leading edge. Namely, the interface between the customer and the organization has changed spectacularly. Increasingly, technology is shifting the organization’s relationship with its customers from "face-to-face" to "screen-to-face" communication. The Internet is not an innovation that concerns only one or two sectors of the economy. Because it revolutionizes the way businesses should prudently systematize their activities and go to market, the Internet affects all economic activities.

Organizations maintain data communication networks for paperless business operations along with enhanced communication. On the other hand, threats and vulnerabilities related to data communication networks are significantly increasing. Firewalls are not considered the only solution, because intelligent viruses and malicious code tend to pass through them. In order to enable advanced security measures, Intrusion Detection Systems are recommended for corporate networks. ...
The types include network based IDS, host based IDS and software based IDS. These types are further categorized into signature based IDS, which is also referred to as misuse detection, and anomaly detection. The functionality of a ‘signature based IDS’ depends on known signatures. The word ‘known’ is important, because threats that have been detected so far are categorized as known threats and are called signatures. A signature based IDS only detects threats similar to the defined, available signatures and does not cover any new threat, whereas an anomaly based IDS detects unknown activities within the network and flags them as threats and vulnerabilities. These two IDS types use different methods, processes, and profiles, which are discussed in the next part of this coursework.

II. Signature Based IDS

A signature based IDS analyzes and identifies specific patterns of attacks that are recognized in raw data in terms of byte sequences called strings, port numbers, protocol types, etc. Likewise, apart from the normal operational pattern, a signature based IDS detects any activity that is unusual with respect to previously defined patterns. Moreover, the patterns are monitored with strict control algorithms. The signatures are stored in a signature repository. The prime objective of a ‘signature based IDS’ is to search for signatures in order to detect a threat or vulnerability, similar to antivirus software, which also detects viruses. The functionality of an IDS is to detect attacks that are initiated directly towards the network. Moreover, an IDS tries to identify as many events as possible and therefore generates logs.
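The combination this essay discusses, as an added Python example that is not part of the original text: a signature engine matches protocol type, port number and byte string against a repository, and a payload-size baseline acts as the anomaly engine for traffic no signature covers. All class names, rules, thresholds and packets are constructed assumptions.

```python
# Added example: every name, rule and threshold here is an illustrative assumption.
from dataclasses import dataclass
from statistics import mean, pstdev

@dataclass(frozen=True)
class Signature:
    name: str
    protocol: str    # protocol type, e.g. "tcp"
    port: int        # destination port; 0 matches any port
    pattern: bytes   # byte sequence ("string") searched for in the payload

@dataclass(frozen=True)
class Packet:
    protocol: str
    port: int
    payload: bytes

REPOSITORY = [  # constructed signature repository, not a real rule set
    Signature("path-traversal", "tcp", 80, b"../../"),
    Signature("sample-marker", "udp", 0, b"\xde\xad\xbe\xef"),
]

def match_signatures(pkt, repo=REPOSITORY):
    """Misuse detection: names of the known signatures this packet matches."""
    return [s.name for s in repo
            if s.protocol == pkt.protocol and s.port in (0, pkt.port)
            and s.pattern in pkt.payload]

class PayloadSizeBaseline:
    """Anomaly detection: profile of normal payload sizes per (protocol, port)."""
    def __init__(self, packets, threshold=3.0):
        sizes = {}
        for p in packets:
            sizes.setdefault((p.protocol, p.port), []).append(len(p.payload))
        self.profile = {k: (mean(v), pstdev(v)) for k, v in sizes.items()}
        self.threshold = threshold

    def is_anomalous(self, pkt):
        stats = self.profile.get((pkt.protocol, pkt.port))
        if stats is None:
            return True  # service never seen in the training traffic
        mu, sigma = stats
        # Floor sigma at 1 byte so a constant-size profile is not hypersensitive.
        return abs(len(pkt.payload) - mu) > self.threshold * max(sigma, 1.0)

def classify(pkt, baseline):
    """Signature engine first; the anomaly engine catches what no signature covers."""
    hits = match_signatures(pkt)
    if hits:
        return ("signature", hits)
    return ("anomaly", []) if baseline.is_anomalous(pkt) else ("clean", [])
```

Train `PayloadSizeBaseline` on traffic believed to be normal, then pass each observed `Packet` to `classify`; an oversized request with no matching signature comes back as `("anomaly", [])` rather than passing unnoticed.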