Network layer specific attacks and their detection mechanisms

Intrusion Detection System (IDS) is in operation in Industries, Govt. organization, Banks to guard mission critical data from fraudulent access and tempering. In recent years, with the explosion of Internet, the number of attacks in computer networks is constantly increasing. This is primarily due to the lack of proper authentication of communicating entities in the network. Moreover, the different layer of network is prone to various threats due to vulnerabilities in each of its layers. The layers are independent of each other in functionality and the lower layers provide service to the upper layers. So any compromise in a lower layer will affect all layers above it without the knowledge of the higher layers. So the attacks needs to be classified in layered fashion and their mitigation technique needs to be developed layer wise which means, modern IDS system should also needs to be designed in layered fashion. In this talk, a brief overview of layered approach to Intrusion detection system will be presented by identifying different attacks at different layers in the Internet protocol stack. The need of multiple IDSs for protection of systems will also be discussed.