Time Based Intrusion Detection on Fast Attack for Network Intrusion Detection System

In recent years network attack are easily launch since the tools to execute the attack are freely available on the Internet. Even the script kiddies can initiate a sophisticated attack with just a basic knowledge on network and software technology. To overcome this matter, Intrusion Detection System (IDS) has been used as a vital instrument in defending the network from this malicious activity. With the ability to analyze network traffic and recognize incoming and on-going network attack, majority of network administrator has turn to IDS to help them in detecting anomalies in network traffic. The gathering of information and analysis on the anomalies activity can be classified into fast and slow attack. Since fast attack activity make a connection in few second and uses a large amount of packet, detecting this early connection provide the administrator one step ahead in deflecting further damages towards the network infrastructure. This paper describes IDS that detects fast attack intrusion using time based detection method. The time based detection method calculates the statistic of the frequency event which occurs between one second time intervals for each connection made to a host thus providing the crucial information in detecting fast attack.