Introduction to A Spy Based Approach for Intrusion Detection Project:
The current intrusion detection system (IDS) is able to protect the only host or bunch of the interlinked systems that are networked. The single host IDS is known as the Host- based intrusion detection system. The network host IDS is known as the Network- based intrusion detection system.
The both intrusion detection system has some defaults, like, the host based IDS has demerit of the inability of the detection to the new kinds of the threats in the system, whereas the Network based IDS is cumbersome to handle, which is not able to identify the encrypted packets of data. The Network based IDS creates the time consuming transfer of the log information and that causes the huge collection of the data and resulting in traffic. This concludes with the incorrect performance of the system.
The Proposed Spy Based IDS has the merit over two IDS by combining the both single host and Network IDS enhancing the efficiency and creates the information transfer with no problem.
Anomaly Intrusion Detection
This kind of Intrusion Detection System keeps the information regarding the use of the system and prepares the statistical data for it. This checks the unusual action which can be intrusions.
Misuse Intrusion Detection
The IDS can identify the only know intrusion type. This is not able to detect the new type of Intrusion.
Features of the Spy Based Intrusion Detection System
- Regulator of the system
- Honeypots
- Possesses network sensor
- Spy type
- Log
- Tracer