Comparative study between signature-based and anomaly-based network intrusion detection system (SBNIDS and ABNIDS)

Chiadighikaobi, Ikenna Rene (2015) Comparative study between signature-based and anomaly-based network intrusion detection system (SBNIDS and ABNIDS). [Final Year Project Report] (Unpublished)


Abstract

The rise in the number of network intrusions is related to the growth and importance of the Internet in our daily lives. In order to protect an organization's information and data, the Intrusion Detection System (IDS) plays an important role in network security. Signature-based intrusion detection focuses on matching an attack signature against the signatures already stored in the database; it generates an alert if an incoming packet's signature matches one in the database. Signature-based detection is vulnerable to newly emerging attacks because their signatures are not yet stored in the database, which leaves this detection technique with the problem of a false negative rate. On the other hand, anomaly-based detection, which is a behaviour-based technique, detects abnormal behaviour in computer systems and networks. The deviation of packets from normal behaviour is considered an attack. This leaves the technique with the problem of a false positive rate. In this proposed project we will make a comparative study of signature-based and anomaly-based IDS in order to select suitable comparison parameters between the different approaches to network intrusion detection, to evaluate suitable software/systems for deploying signature-based and anomaly-based detection, and to conduct an experimental study to evaluate the differences in the selected parameters across the different approaches. This project will provide a comparative analysis of SBNIDS and ABNIDS after an evaluation study using the DARPA dataset, and we will be able to select a suitable technique in terms of performance, efficiency in data size, and non-functional parameters such as CPU and memory usage. The result suggested that ABNIDS is better than SBNIDS, and this conclusion was based on the evaluated parameters.

Item Type: Final Year Project Report
Additional Information: Project report (B.Sc.) -- Universiti Malaysia Sarawak, 2015.
Uncontrolled Keywords: Intrusion Detection System (IDS), Signature based
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > T Technology (General)
Divisions: Academic Faculties, Institutes and Centres > Faculty of Computer Science and Information Technology
Depositing User: Patrick
Date Deposited: 30 Aug 2022 09:22
Last Modified: 30 Aug 2022 09:22
URI: http://ir.unimas.my/id/eprint/39418
