An Anomaly & Signature-based Intrusion Detection System Model

Most intrusion detection systems (IDS) today lack the ability to detect both known and unknown intrusions. Even a very slight variation from known intrusions will go undetected thus rendering the IDS ineffectiveness. This paper proposes Anomaly and Signature-based Intrusion Detection System. The combination is needed in order to increase effectiveness of the IDS. The need arouse due to the fact that individual detection systems possesses serious drawbacks which can be solved only by combining them. With this at hand gives rise to an approach known as anomaly signature-based which is more efficient than individual techniques. This is due to the fact that anomaly detection detects unknown intrusions while signature-based detection detects known intrusions. By combining both techniques in conjunction with our anomaly signature-based system approach we are assured of an intrusion detection system that does not only detect both known and unknown intrusions but also capable of updating the signature-based detection database, thus in return rendering effectiveness to intrusion detection systems.