Science & Engineering Research Support soCiety (SERSC)
New threats are constantly emerging to the security of organization's information systems infrastructure. Firewall and VPN cannot prevent all intrusions and do little to prevent attacks from within the organization itself. Intrusion detection plays a vital role in ensuring the integrity of a network's security. Network Intrusion Detection Systems (NIDSs) or Intrusion Detection Systems (IDSs) have long been seen as the most effective means of detecting attacks. However they do have significant weaknesses. The increasing quantity and diversity of legitimate network traffic has resulted in ever increasing hardware costs and the large number of false positive alerts generated can be too much to analyze effectively.