An Assessment Report on: Statistics-Based and Signature-Based Intrusion Detection Techniques

Abstract

With the growing size of data, its security has become a great challenge, and security of data is a major issue in most of the research areas. A detailed study of existing IDS is presented in the current paper so as to detect threats or intrusions on the data residing on system/network. It is a bit difficult to stop security threats and breaches entirely using present security technologies. Detecting the presence of intruder is very crucial for maintaining the network security. It is found that intrusion detection systems (IDSs) that are signature-based are restricted in their areas of detecting intrusions, because of the fact that the signature-based intrusion detection system is based on matching a signature with the network details. The system using signatures or patterns can detect only known attacks and threats, but they mostly fail when it comes to novel attacks. Thus preventing/detecting the new or special types of attracts whose signature is not specified. Although signature-based IDS does not give false alarms at genuine cases, but still is inept for unknown attacks or masked attacks. Later in the paper, another category of IDS is discussed which is statistical-based intrusion detection system (SBIDS). The statistical-based intrusion detection systems have an upper hand when it is compared with the signature-based intrusion detection system. During the study, it has been found that many researchers have solved this problem by data mining classification algorithms.