Abstract—Attacks such as denial of service, buffer overflows, sniffer attacks and application-layer attacks have become common. Recent security incidents and analysis have demonstrated that manual response to such attacks is no longer feasible. Network security attacks are not a theoretical concept that can be put into the background and dealt with later; attacks of various types happen every day in the wild. Firewalls and spam filters are in place, but they have simple rules, such as allowing or denying protocols, ports or IP addresses. Some DoS attacks are too complex for today’s firewalls: for example, if there is an attack on port 80 (web service), firewalls cannot prevent it because they cannot distinguish good traffic from DoS attack traffic. In this paper we define and discuss various types and techniques of intrusion detection and the IDS tools that are employed to detect these attacks. We also describe the types of security attacks possible in the OSI protocol stack, detection techniques, the features of various intrusion detection tools, the types of attacks that can be dealt with using these tools, and the various feasible operating system platforms.
Index Terms—Anomaly detection; Denial of service; Intrusion Detection; Intrusion Detection Tools; Network security; Network Attacks; Signature detection.
1 4th Semester, M. Tech in Computer Network Engineering, Department of Computer Science, R. V College of Engineering, Mysore Road, Bangalore–560059, Karnataka, India
2 ISRO Telemetry Tracking and Command Network, Peenya, Bangalore–560 058, Karnataka, India
E-Mail: firstname.lastname@example.org, email@example.com
Cite: Karthikeyan K. R. and A. Indra, "Intrusion Detection Tools and Techniques – A Survey," International Journal of Computer Theory and Engineering, vol. 2, no. 6, pp. 901-906, 2010.