Intrusion Detection System

3 Citations • 2021 • Zil Shah • journal unavailable

This article aims at providing a general presentation of the techniques and types of the intrusion detection and prevention systems and an in-depth description of the evaluation, comparison and classification features of the IDS and the IPS.

Abstract

Intrusion detection is the act of detecting unwanted traffic on a network or a device. An IDS can be a piece of installed software or a physical appliance that monitors network traffic in order to detect unwanted activity and events such as illegal and malicious traffic, traffic that violates security policy, and traffic that violates acceptable use policies. This article aims at providing a general presentation of the techniques and types of intrusion detection and prevention systems and an in-depth description of the evaluation, comparison and classification features of the IDS and the IPS. Many IDS tools will also store a detected event in a log to be reviewed at a later date or will combine events with other data to make decisions regarding policies or damage control. An IPS is a type of IDS that can prevent or stop unwanted traffic. The IPS usually logs such events and related information. Machine learning is a field of computer science that uses statistical techniques to give computer systems the ability to learn from data. The comparative study is based on machine learning, IDS and the KDD dataset. As far as we know, KDD is just a benchmark for IDS; so far, many people have researched it, and we came across many different algorithms ranging from decision to prediction. Almost all the parameters were used to identify which algorithm would be good for a particular metric. We came across 42 parameters in the KDD dataset. Using machine learning, large amounts of data can be processed to give statistical results, and work can be done quickly. IDS was used to identify whether the activity is malicious or non-