Abstract

Intrusion Detection Systems (IDS) is a key part of system defense, where it identifies abnormal activities happening in a computer system. Intrusion detection system (IDS) provides a layer that monitors the network traffic for predefined suspicious patterns and inform about the unauthorized activity. In this paper, we address the effective feature selection method and combined with the layered approach. To safeguard the networks from known vulnerabilities and at the same time take steps to detect new and unseen, but possible, system abuses by developing more reliable and efficient intrusion detection systems. Any intrusion detection system has some inherent requirements. Its prime purpose is to detect as many attacks as possible with minimum number of false alarms, i.e., the system must be accurate in detecting attacks. However, an accurate system that cannot handle large amount of network traffic and is slow in decision making will not fulfill the purpose of an intrusion detection system. We desire a system that detects most of the attacks, gives very few false alarms, copes with large amount of data, and is fast enough to make real-time decisions.