Comprehensive network security
2. INTRUSION DETECTION SYSTEMS (IDSs)
2.1. Introduction to Intrusion Detection Systems
Recently, intrusion detection systems, or IDSs, have been proposed to help network administrators analyse security risks and detect attacks against their networks and systems. Applying intelligent techniques to intrusion detection makes it possible to cope with the large volume of collected data, such as traffic patterns, which is difficult for humans to interpret on their own.
Big data is now seen as a technological solution for infrastructure monitoring: big data analysis can lead to optimised algorithms for solving network and systems issues such as security problems, possible cyber-attacks and different types of modelling. Providing in-depth insight into the network infrastructure for decision-making, big data is realised by deploying Internet of Things (IoT) technology, such as sensor networks able to sense and transmit information, throughout the infrastructure.
Many IDSs are based on expert rules that are manually designed and created, and therefore describe only known attack signatures. For IDSs based on machine learning deployed in computer networks and systems, however, network traffic data is a vital input for improving the IDS, analysing security risks and developing appropriate security solutions.
Based on this idea, many scholars regard IDSs as critically important mechanisms for tracking and controlling malicious activity on networks and systems. While signature-based approaches are important for dealing with well-known threats, anomaly-based methods are essential for discovering and dealing with modern and novel attacks.
An efficient intrusion detection system must be able to collect and analyse all packets exchanged in both local and end-to-end communications; it can be seen as the cameras and sensors that constantly monitor a place. It is usually composed of a management console, which manages and reports intrusions, and sensors that work as agents, monitoring network devices in real time.
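As an added example, not taken from the original text, the following Python sketch contrasts the two detection approaches described above inside a single sensor: a signature rule that matches a known payload pattern, and an anomaly rule that scores each host's number of distinct destination ports against a baseline learned from benign traffic. The connection records, the signature and the baseline values are all constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample connection records as a sensor might see them:
# (src_ip, dst_port, payload). Not real traffic; values exist only to
# exercise the two detection approaches.
FLOWS = [
    ("10.0.0.5", 80, "GET /index.html HTTP/1.1"),
    ("10.0.0.5", 443, "TLS ClientHello"),
    ("10.0.0.7", 80, "GET /login?user=admin' OR '1'='1 HTTP/1.1"),
    ("10.0.0.9", 22, "SSH-2.0-OpenSSH"),
] + [("10.0.0.9", p, "") for p in range(1000, 1040)]  # one host touching 40 ports

# Signature rules: a name and the substring a known attack leaves in the payload.
SIGNATURES = {
    "sql-injection-probe": "' OR '1'='1",
}

# Baseline learned from benign traffic: distinct destination ports per source
# host. Constructed here; a real sensor would learn it from a training window.
BASELINE_PORTS_PER_HOST = [2, 3, 1, 2, 4, 3, 2, 2, 3, 1]


def signature_alerts(flows, signatures):
    """Misuse detection: match each payload against known attack patterns."""
    alerts = []
    for src, port, payload in flows:
        for name, pattern in signatures.items():
            if pattern in payload:
                alerts.append((src, port, name))
    return alerts


def anomaly_alerts(flows, baseline, z_threshold=3.0):
    """Anomaly detection: flag hosts whose distinct-port count is far above baseline."""
    ports_by_src = defaultdict(set)
    for src, port, _ in flows:
        ports_by_src[src].add(port)
    mu, sigma = mean(baseline), pstdev(baseline)
    alerts = []
    for src, ports in ports_by_src.items():
        z = (len(ports) - mu) / sigma if sigma > 0 else 0.0
        if z > z_threshold:
            alerts.append((src, len(ports), round(z, 1)))
    return alerts


if __name__ == "__main__":
    print("signature:", signature_alerts(FLOWS, SIGNATURES))
    print("anomaly:  ", anomaly_alerts(FLOWS, BASELINE_PORTS_PER_HOST))
```

The signature rule catches only the payload it was written for, while the baseline comparison flags the host whose behaviour departs from what was learned, which is why the text treats the two as complementary.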