With the recent advances in the field of network security, a technique called
Intrusion Detection System IDS is developed to further enhance and make network secure.
It is a way by which we can protect our internal network from outside attack, and
can take
appropriate action if needed. Using intrusion detection methods, information can be
collected from known types of attack and can be used to detect if someone is trying to
attack the network. Many techniques are there to detect intrusion in a network like
signature matching, anomaly based and others.
The work presented here studies and compares the techniques used by intrusion
detection systems, and focuses on the signature matching technique. It discusses the open
source, free intrusion detection system Snort. Another open source intrusion detection
system Bro is also discussed. It compares these systems alarms against the open source
tool IDSWakeup.