[Jamhoor, 3(3): March, 2014] ISSN: 2277-9655 Impact Factor: 1.852
http://www.ijesrt.com (C) International Journal of Engineering Sciences & Research Technology [1692-1697]

IJESRT
INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY

A Study to Find Attacks using Restrictive Fields in Networks

Syed Najamul Huda Jamhoor*1, Mohammed Abdul Waheed2
*1 Research Scholar, JJT University, Jhunjhunu, Rajasthan, India
2 Associate Professor, VTU Regional Office, Gulbarga, Karnataka, India
prof.mawaheed@gmail.com

Abstract

Attack recognition faces numerous challenges. An attack recognition system should dependably recognize malicious activities within a network or network setup, and should operate efficiently enough to cope with heavy congestion on the network. This paper studies two problems, the accuracy and the efficiency of attack recognition for applications vulnerable to attacks, and provides a solution to them through Restricted Fields and a Multi Authentication Mechanism. We study and discuss how high attack recognition accuracy can be attained through Restricted Fields, and high efficiency by applying the Multi Authentication Mechanism. Our proposed system concept would be able to recognize 4 different types of attacks very effectively. The attacks we consider in our concept are the DoS attack, User2Root attack, Probe attack and R2L (SQL Injection) attack. Finally, we show that our concept system is powerful enough to deal with suspicious data or actions without compromising efficiency.

Keywords: Intrusion Detection, DoS attack, User2Root attack, Probe attack and R2L (SQL Injection) attack.

Introduction

Intrusion detection started around the 1980s after the influential paper from Anderson. Intrusion detection systems are classified as network based, host based, or application based depending on their mode of deployment and the data used for analysis.
Additionally, intrusion detection systems can also be classified as signature based or anomaly based depending upon the attack detection method. The signature-based systems are trained by extracting specific patterns (or signatures) from previously known attacks, while the anomaly-based systems learn from the normal data collected when there is no anomalous activity.

Another approach for detecting intrusions is to consider both the normal and the known anomalous patterns for training a system and then to perform classification on the test data. Such a system incorporates the advantages of both the signature-based and the anomaly-based systems and is known as the Hybrid System. Hybrid systems can be very efficient, subject to the classification method used, and can also be used to label unseen or new instances, as they assign one of the known classes to every test instance. This is possible because during training the system learns features from all the classes. The only concern with the hybrid method is the availability of labeled data. However, data requirement is also a concern for the signature-based and the anomaly-based systems, as they require completely anomalous and attack-free data, respectively, which are not easy to ensure.

Networks are a prerequisite for any communication these days, yet large networks face many problems due to different attacks caused by intruders, such as DoS attacks, Probe attacks, SQLIAs, etc. A lot of work has already been done in this area, but there is still room for enhancement so that system performance can be improved for greater efficiency.

Different Types of Attacks

1. Probe attacks

The probe attacks are aimed at acquiring information about the target network from a source that is often external to the network.
Hence, basic connection-level features such as the “duration of connection” and “source bytes” are significant, while features like “number of file creations” and “number of files accessed” are not expected to provide information for detecting probes.

2. DoS Attacks

The DoS attacks are meant to force the target to stop the service(s) that is (are) provided by flooding it with illegitimate requests. Hence, for the DoS attack to be detected, traffic features such as the “percentage of connections having same