Abstract |
A network intrusion detection system (nids) is a hardware or software application that monitors a network for malicious activity or policy violations. Any malicious activity or violation is typically reported either to an administrator or collected centrally using a security information system. The research work in this field and commercially available network intrusion detection systems (nids) are mostly signature-based. The problem of a signature-based method is that the database signatures need to be updated as new attack signatures become available and therefore it is not suitable for the real-time network anomaly detection. |