Abstract:

One of the main concerns in information system environment is the data and the different ways to secure these data (Brown et al, 2016). With the widespread use of the internet, it becomes a key challenge to maintain the secrecy and integrity of data. Different techniques were developed to maintain the security of networks and web applications like cryptography, user authentication, firewalls and intrusion detection systems. Intrusion detection systems (IDS) (Debar, 2017) aim at detecting attacks against computer systems and network or in general against information system. An intrusion detection system acquires information about an information system to perform a diagnosis on the security status of the latter. The goal is to discover holes, backdoors or open vulnerabilities that could lead to potential attacks. There are two basic types of intrusion detection: host-based and network-based. Host-based systems were the first type of IDS to be developed and implemented. These systems collect and analyze data that originate on a computer that hosts a service, such as a Web server. Once this data is aggregated for a given computer, it can either be analyzed locally or sent to a separate/central analysis machine (Kabiri & Ghorbani, 2015).