From Packet-Based Towards Hybrid Packet-Based and Flow-Based Monitoring for Efficient Intrusion Detection: An Overview

Network-based Intrusion Detection Systems (NIDSs) aim at the detection of attacks by an inspection of network traffic. With the increase in network speed and number and types of attacks, existing NIDSs face challenges. This paper presents an overview of how the performance and detection accuracy of the payload-based, flow-based NIDSs are affected by the threats and attacks within the high-speed networks environment. A hybrid method of both flow-based and packet-based is also presented and discussed. The packet-based NIDSs process every packet received. Since it is very time consuming, it is hard to perform this approach at the speed of multiple Gigabits per second.

Provided by: The Second International Conference on Communications and Information Technology Topic: Security Date Added: Feb 2012 Format: PDF

Download Now

Find By Topic