Frequent Element Pattern Matching To Evade Deep Packet Inspection in NIDS
Pallavi Dhade¹, T. J. Parvat²

¹Pallavi Dhade, Department of Computer Engineering, Sinhgad Institute of Technology, University of Pune, Pune, India.
²Prof. T. J. Parvat, Department of Computer Engineering, Sinhgad Institute of Technology, University of Pune, Pune, India.

Manuscript received on July 01, 2012. | Revised Manuscript received on July 05, 2012. | Manuscript published on July 10, 2012. | PP: 195-203 | Volume-1, Issue-2, July 2012. | Retrieval Number: B0186071212/2012©BEIESP
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: To detect hostile traffic in network segments or packets, signature-based Network Intrusion Detection Systems (NIDS) use a set of rules that are so effective in detecting anomalous behavior like known attacks that hackers look for new techniques to go unobserved. Some of these techniques involve manipulating obscurities of network protocols. At present, detection techniques have been developed against most of these elusive and equivocal techniques by means of identifying and recognizing them. The appearance of new elusive forms may cause NIDS to be unsuccessful. This paper presents an innovative functional framework to perform modeling over NIDS. Mainly, the NIDS is demonstrated precisely through the Apriori algorithm. At this point, the paper holds that watching for circumventions on models is simpler and easier than directly trying to understand the behavior of the NIDS. We present a proof of concept showing how to perform deep packet inspection in NIDS using two publicly available datasets. This framework can be used for analyzing, modeling and detecting the commercial NIDS after elusion.
Keywords: Apriori Algorithm, Deep packet inspection, Network Intrusion Detection systems, frequent elements matching, High speed network.