Intrusion Detection Tools and Techniques - A Survey
Attacks such as denial of service (DoS), buffer overflows, sniffer attacks and application-layer attacks have become common today. Recent security incidents and analysis have demonstrated that manual response to such attacks is no longer feasible. Network security attacks are not a theoretical concept that can be put into the background and dealt with later; attacks of various types happen every day in the wild. Firewalls and spam filters are in place, but they apply only simple rules, such as allowing or denying protocols, ports or IP addresses. Some DoS attacks are too complex for today's firewalls: for example, if there is an attack on port 80 (web service), firewalls cannot prevent it because they cannot distinguish good traffic from DoS attack traffic.