Article Preview
Top1. Introduction And Problematic
After that people realized that the “war: a massacre of people who don’t know each other for the profit of people who know each other but don’t massacre each other” Paul Valery. They have decided to change the field of wars form reality to the virtual world. Today, the development of science gives birth to an electronic war. We can even predict that World War III will be purely electronic.
A proverb known and recited in the area of intelligence and espionage issues: “Who has information wins the war”. The human had known lots of wars. The development of wars and strategies are based on the sensible information of the enemy and gives a favour to the camp that holds the last update of the information. In the history the data holder was always leaking under attack to intercept, modify or destroy information.
Nowadays, everything is computerized, personal information from birth to death: name, address, weight, height, date of birth, CV, health, etc. Are computerized and stored in servers and even money and fortune became as property files or tables in a database for mayor or numbers to the bank. It will not stop there, the arrival social networks and computerized our personal lives, opinions and feelings. What makes servers and computer systems have become targets of attacks and crime.
This also leads us to predict the end of the old-style crime where robbers have to be a writer and director and main actor, the end of improvisation as well, and the end of exposing the victim and criminal's life at risk. At present, the robber must have a great knowledge of computer science, he must write an algorithm instead of scenario, it must be implemented his computer programs and skipping all the security protocols; Now, robbers are able to work from a warm office listening to a Mozart symphony and drinking a cup of coffee. The challenge is big!!!!!
Electronic crime generally begins as a trend and a challenge between young and novice hackers, but it is rapidly evolving to the point where it becomes the subject of secret international tenders for large institutions and even countries. Companies and countries are under attack which can result in significant losses. The establishment of IT security has become more important than the establishment of the internal security for the place and people (scanner, metal detector, door guard, weapon, intelligence, etc.). Must control the input data stream and the output data stream of the telephone cable, or fiber optic and wireless connections that the company spend a large sum to get them, for the installation and maintain them; all that with their total grateful(company), more than that, that she considers it like a pride and added value in its performance.
A good IT security is based on the robustness of the implementation of security policy, it is designed and defined by a number of characteristics: it occurs when the levels, the objectives of this polished and finally tick the tools used to ensure safety.
To ensure a protection of company data, different tools are available. They usually used together, in order to secure the various existing flaws in a system. But the first and the most important tools in the security system is the IDS (intrusion detection system); firstly, because the majority of attacks are made after an intrusion or by introducing a malicious program and secondly because the IDS is the only tool that ensures permanence. It is responsible for start or stop strategies and response in case of attack.
IDS stands for Intrusion Detection System. It is an equipment that ensures on-the activity of a network or a given host to detect intrusion attempts and possibly react to this attempt. There are different kinds of IDS in the literature, it differs in the area of monitoring, operating mode or answer mode.
The theory cites two response mode: where the passive save attack in a log file that will be analysed by the security manager. And active response: rather aims is to stop an attack at the time of detection: by interrupting a connection where even against attack. We can classify the IDS by the response mode: passive IDS where IDS saves intrusion and communicates it to the manager of IT security, and Active IDS that make an action when an intrusion is detected. While re-looking scientific and the software industry there is only the passive IDS answer. The approach of the security of information systems that prevails today is too passive. We expect to detect an attack while we trust the multiple protection tools that we have developed and which are not infallible.