A Model of a Pragmatic Secure Intrusion Detection System for Local Area Networks

Abstract

Intrusion detection is very imperative in network systems due to outstanding vulnerabilities left unaddressed by current preventive network security measures such as firewalls and encryption software. The inefficiency, inaccuracy, high false alarm rates and lack of self-defensive mechanism of existing network security systems has continued to pose serious conc ern to network users, administrators and security professionals and thus needs urgent redress. There fore, the target of this paper is to develop a model of a pragmatic secure intrusion detection system for l ocal area networks using layered framework with conditional random fields that is capable of overcoming the apparent shortcomings of present intrusion detection systems. A critical analysis of existi ng IDSs was done using the structured system analysis and design methodology (SSADM) due to the sequential configuration of the proposed security system. Furthermore, a real-time response mechanism and a self-defensive mechanism for a network intrusion detection system (NIDS) was developed and implemented. The outcome of this study was a secured IDS that would proactively address potential security vulnerabilities by resisting and detecting attacks and security policy violations reliably and effic iently in local area networks, thus making it inevitable for use in our security conscious environment of the 21 st century.