Authors : M. Ravichandran and C.S. Ravichandran
Abstract: Intrusion Detection Systems (IDS) are progressively becoming a key part of network security by supervising the network traffic and attempting to identify and alert all malicious behavior to the user. In this study, Snort, a Signature-Based IDS that identifies attacks in a network traffic based on the rules written and SPADE, a Statistical-Based IDS that flags for anomalous behavior in the network traffic by learning the normal behavior for the packets in that particular network are both used. The integration of Snort and SPADE improves the detection accuracy and a vast majority of anomalous traffic on the network can be identified. However, the system is still prone to false positive errors that occur when a normal activity is misclassified as an attack. This leads to the anomaly based IDS to produce undesirable results as normal packets are being classified as malicious packets and are dropped or rejected by the system and also raising frequent false alerts. The main objective of this research is to find a scenario in which false positives are generated by SPADE and proceed to modify SPADE in such a way that it can be deployed effectively in a Wireless Ad Hoc Network.
M. Ravichandran and C.S. Ravichandran, 2014. A Software Based Approach for Detecting Intrusion in Wireless Ad Hoc Networks. Research Journal of Applied Sciences, 9: 257-261.