Network Packet Data Online Processing for Intrusion Detection System

The existence of intrusion detection systems in computer network as a part of network security tool is very important, with this tool a computer system can detect the intrusion action before it makes more damage. Traditional intrusion detection system using the rule that created by expert for detecting the intrusion, but because of the increasing of internet activity the data to be analyzed in order to establish that rules become large and create the possibility the new intrusion technique cannot detect. Using data mining techniques to find intrusion pattern from network packet data was success to detect intrusion in offline environment, but the effective intrusion detection system must able to detect the intrusion in online environment. Therefore needed a method that can be used to perform online processing of network packets data. This paper discusses the data processing network packets to establish the connection records are complete or incomplete in an effort to enabling the intrusion detection system detecting the intrusion online and based on the test result this method was success to detect the intrusion in online environment.