A Model of a Pragmatic Secure Intrusion Detection System for Local Area Networks

Intrusion detection is very imperative in network systems due to outstanding vulnerabilities left unaddressed by current preventive network security measures such as firewalls and encryption software. The inefficiency, inaccuracy, high false alarm rates and lack of self-defensive mechanism of existing network security systems has continued to pose serious concern to network users, administrators and security professionals and thus needs urgent redress. Therefore, the target of this paper is to develop a model of a pragmatic secure intrusion detection system for local area networks using layered framework with conditional random fields that is capable of overcoming the apparent shortcomings of present intrusion detection systems. A critical analysis of existing IDSs was done using the structured system analysis and design methodology (SSADM) due to the sequential configuration of the proposed security system. Furthermore, a real-time response mechanism and a self-defensive mechanism for a network intrusion detection system (NIDS) was developed and implemented. The outcome of this study was a secured IDS that would proactively address potential security vulnerabilities by resisting and detecting attacks and security policy violations reliably and efficiently in local area networks, thus making it inevitable for use in our security conscious environment of the 21st century.