Development of a Comprehensive Intrusion Detection System – Challenges and Approaches
Key challenges in the area of Intrusion Detection are the reduction of false alarms, event correlation and attack prediction. As part of a project supported by DIT, MCIT, Govt. of India, to carry out research and development in the area of Intrusion Detection Systems (IDS), we have developed N@G (Network at Guard). While developing N@G, we faced various challenges pertaining to performance, accuracy, analysis, survivability, adaptability and standards. In this paper we discuss these challenges and share our experiences, bringing out our approach towards solving them.
Keywords: Challenges in IDS, IDS Architecture, IDS Standards