Date Added: Aug 2011
Intrusion detection systems are becoming ubiquitous defenses in current net-works and no complete and systematic methodologies available to test the effectiveness of these systems. Though there are various approaches, they are relatively ineffective in the classification and alarm rate dimensions. This paper proposes an intrusion detection system defined by a set of rules based on simple context-free grammar for normal and attacks. The packet data are passed through a Multi Stage Filter with focused capabilities. The proposed method promises good classification rate with low alarm rates tested with the one of the popular benchmark databases, KDD cup99 dataset.