Development of a Hybrid Intrusion Detection System for Security Analysis at the IP Layer

Around us are Computer networks that necessitate effective communication, sharing of knowledge, research and development, education modernization, e-commerce and entertainment just to mention a few. The present days network systems are increasingly getting exposed to many security threats and vulnerabilities including denial of service (DoS), scanning, password cracking, spoofing, eavesdropping, spamming, phishing, worms among others. These security threats and vulnerabilities have seen organizations and companies implement security policies for their networks. However, most of these security policies only inspect the network traffic passing through them denying or permitting packets passage based on their active set of rules. This ideally leaves the network exposed to attacks from outside and within. This paper presents technical evaluation methods for network security at the IP layer. This will be done through experiments on network traffic data. This will involve Network analyzers for collecting data from 15 entry points having a population of about 160 computers that will be processed by the various methods. To demonstrate the results, Network traffic graphs and figures will be used. Through Observations, analysis of the effects of certain behaviors will be done. This results will help in designing a method thats would simplify network security analysis at the IP Layer, in this case a hybrid method. The technical evaluation mainly focuses on deployment in real high speed networks. The method designed shall then be tested in a government ICT department network.