CHALLENGES OF DESIGNING AND IMPLEMENTING INTRUSION DETECTION SYSTEM Abdullah A. Mohamed; Dia M. Ali Communication Department Collages of Electronics Engineering - Mosul university-Iraq Abdullah.4Mohamed@Gmail.com; dia_mohamad@yahoo.com ABSTRACT--In this research, you will find a study for designing the Intrusion Detection System (IDS) and some of well-known tools that can be used to implement online IDS system. For each tool, a used designing method is shown focusing on the tool’s features that make it valid for designing the IDS and the troubles that the designer maybe faces it with these tools. The produced tools are Field Programmable Gates Array FPGA, IXP Network Processor (IXP NP), hybrid NP with FPGA and the Embedded System. In the rest of this research, some helpful ways for who aim to start designing IDS are produced, some of traditional hardware and software models that can be suitable for these issues also shown like of Embedded Network PCs models and YOCTO PROJECT. I INTRODUCTION During the dark ages, the protection of cities was depending mainly on high fences and strength in terms of thickness and stones used in construction. The castles were 20 meters in height and about a 2 meter in width, hence the attack based on an attempt of climbing or tossing fences by catapult. Unfortunately castles from inside were permanently unprotected and chaos where most soldiers above the walls. Enemies became looking for gaps in the wall where these gaps always exist. Rear doors of the walls, drains, food stores or even internal betrayal cause to open these gaps; hence, the castles become more complex and ambiguous from the inside. In virtual environment, on the other hand, people thought that firewalls alone is the secret to protect the network, but often/always there is a gap and also the dangers from inside of the network no less dangerous than the external network (the Internet). For this reason, there is a need to monitor events and phenomena, which occur in the network (from/to it) that is called Intrusion Detection System (IDS) [1]. As the worldwide network became larger and larger, more personal information (such as accounts and sensitive information) is available on the Internet. Attackers became more intelligent and malicious; many types of attacking tools are continuously developed and available free. Network security on the other hand, became the most important issue now days, protection and healing means try to line with the attackers. II IDS’S JOBS AND COMPONENTS: Today IDS isn't considering as detector system only but also do one or more or all of the following as shown in Fig(1)[1]: 1. Recognition of patterns associated with known attacks. 2. Statistical analysis of abnormal traffic pattern. 3. monitoring and analysis of user and system activity. 4. Network traffic analysis. 5. Events log analysis. 6. Command Console: it is be where the IDS system be that it that controls the IDS's components and tools and it receives notifications and alarms from the Sensors. Fig (1) the IDS Process and Procedure