Abstract
Intelligent Intrusion Detection System (IIDS) is a multi-tier, enterprise-level application based on a Bayesian algorithm and written in the Perl scripting language. In this IIDS model, a knowledge-based discovery process uses weights added to Snort rules, which the Bayesian algorithm processes. All alerts that Snort identifies by sniffing network traffic are stored in a MySQL database, and a front-end component written in CGI Perl presents these alerts to the system administrator with "True" and "False" options. After reviewing an alert, the system administrator decides whether the attack is "True" or "False" by clicking one of the buttons. This selection helps the Bayesian algorithm learn from the data stored in the database, such as the attackers' IP addresses, the types of attack carried out, and the number of times each attack occurred. From then on, such attacks are automatically identified as "True" or "False" according to the initial selection, which makes this project unique among IDS models based on the Bayes algorithm. The goal of this project is an IIDS that will prevent false positive alerts in the near future and will also help identify true attacks and attacks in progress, serving as an early detection tool. IIDS does not guarantee any protection from attacks for which there are no rules, also called zero-day attacks.
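The feedback loop described above, sketched as an added example in Python; it is not the IIDS code (which is Perl). The feature names, the sample alerts and the choice of a Laplace-smoothed naive Bayes classifier are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample: alerts an administrator has already marked True/False.
# Field names (src_ip, signature) are assumed, not the IIDS database schema.
LABELLED = [
    ({"src_ip": "203.0.113.7", "signature": "SCAN nmap"}, True),
    ({"src_ip": "203.0.113.7", "signature": "SQL injection attempt"}, True),
    ({"src_ip": "203.0.113.7", "signature": "SCAN nmap"}, True),
    ({"src_ip": "10.0.0.5", "signature": "ICMP PING"}, False),
    ({"src_ip": "10.0.0.5", "signature": "ICMP PING"}, False),
    ({"src_ip": "10.0.0.9", "signature": "ICMP PING"}, False),
    ({"src_ip": "10.0.0.9", "signature": "SCAN nmap"}, False),
]

class AlertBayes:
    """Naive Bayes over categorical alert fields, trained by admin verdicts."""
    def __init__(self):
        self.class_counts = Counter()             # verdict -> number of alerts
        self.value_counts = defaultdict(Counter)  # (verdict, field) -> value counts
        self.vocab = defaultdict(set)             # field -> distinct values seen

    def learn(self, alert, verdict):
        # One click on "True" or "False" in the front end becomes one sample.
        self.class_counts[verdict] += 1
        for field, value in alert.items():
            self.value_counts[(verdict, field)][value] += 1
            self.vocab[field].add(value)

    def posterior_true(self, alert):
        # P(True | alert), with add-one smoothing so unseen values never give 0.
        total = sum(self.class_counts.values())
        score = {}
        for verdict in (True, False):
            s = math.log((self.class_counts[verdict] + 1) / (total + 2))
            for field, value in alert.items():
                seen = self.value_counts[(verdict, field)][value]
                k = len(self.vocab[field] | {value})
                s += math.log((seen + 1) / (self.class_counts[verdict] + k))
            score[verdict] = s
        top = max(score.values())
        weight = {v: math.exp(s - top) for v, s in score.items()}
        return weight[True] / (weight[True] + weight[False])

def train(samples):
    model = AlertBayes()
    for alert, verdict in samples:
        model.learn(alert, verdict)
    return model
```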