A Survey on Architecture Taxonomy and Products of Intrusion Detection System

D. P. Gaikwad1 and R. C. Thool2

1Computer Deptt., AISSMSCOE, Pune, Maharashtra, India.

2Computer Deptt., SGSSCOET, Nanded, Maharashtra, India.


As the cost of information processing and Internet accessibility falls, organizations are becoming increasingly vulnerable to potential cyber threats such as network intrusions. There is therefore a need to provide secure and safe transactions through the use of firewalls, Intrusion Detection Systems (IDSs), encryption, authentication, and other hardware and software solutions. Many IDSs on the market identify attack packets primarily through signature detection, and these systems can also identify abnormal network traffic. However, for most systems, complete attack prevention is not realistically attainable due to system complexity, configuration and administration errors, and abuse by authorized users. For this reason, attack detection has been an important aspect of recent computer security efforts. In this paper, we present all aspects of IDSs. We also discuss in detail the general architecture, taxonomy, and network parameters used in IDSs. Finally, we review the standard IDSs that are most commonly used in computer networks. We focus in detail on SNORT, Tripwire, and the McAfee network protection solution.
