An Architecture of Hybrid Intrusion Detection System
Intrusion Detection System (IDS) is renowned and widely-deployed security tool to detect attacks and malicious activities in information system. It is an essential element of any contemporary information system. There are mainly two techniques for intrusion detection: misuse (signature-based) detection and anomaly (behavior-based) detection technique. Both the techniques have their advantages and disadvantages. This paper presents research from an ongoing study on the use of features of both the intrusion detection techniques to design a novel and efficient hybrid IDS. An architecture and implementation details of the authors' hybrid IDS are presented.