TRAINING PROJECT REPORT ON

TUNING PROCESS IN PANASONIC INDIA

SUBMITTED IN PARTIAL FULLFILLMENT OF DIPLOMA IN ELECTRONICS

SUBMITTED BY:

SUBMIT

DECLARATION BY LEARNER

I Shweta Singh hereby declare that the Project titled STUDY OF CONSUMER AWARENESS FOR IDEA CELLULAR SERVICES is an Original piece of work. It has been submitted in partial fulfillment for the Award of the Bachelor of Business Administration.

Date:

Place: Meerut

ACKNOWLEDGEMENT

I take the opportunity to express our gratitude to all the concerned people who have directly or indirectly contributed towards completion of this project. I extend my sincere gratitude towards Mr. Sanjay Kumar Marketing Manager at Idea Cellular for providing the opportunity and resources to work on this project. I am extremely grateful to Ms. Renu Dudeja, Faculty BBA my mentor for her guidance and invaluable advice during the projects. At Last I would like to thanks my parents and friends for their support.

INDEX
2 3 4 5 6 7 8 9 10 12 13 14 15 16 17 18 18 Company Certificate Declaration by learner Acknowledgement Preface Introduction about the study About the Industry Objectives Company Profile Literature Review Research Methodology Data Analysis Conclusion Findings Recommendations Limitations References Annexure 5 7 10 15 16 32 40 44 60 61 62 63 64 65

COMPANY BACKGROUND

Panasonic Corporation, headquartered in Osaka, Japan, is a worldwide leader in the manufacture of electronic products for a wide range of consumer, business and industrial needs. With a turnover of USD 79 billion, the company ranks 65th in the Fortune 500 list of the largest global corporations and is ranked 4th in Fortune 500 index for Electronics and Electrical Equipments and ranked as a World Super 50 by Forbes. Its operations span 9 countries, with a workforce of about 385,000 spread over 75 companies. Panasonic has built 297 manufacturing facilities across the world, and has an annual spend exceeding US$5 billion on research and development. The Company recently acquired Sanyo in a USD 9 billion deal, making it the worlds second largest conglomerate in the electronics industry. The Company provides solutions, not just products, to make everyday home and business life simpler, convenient and energy efficient, achieved through innovative technologies. At Panasonic, designers and engineers constantly endeavor to ensure that each evolution of product is better than its previous version by following stringent process to develop products that are more energy efficient, water efficient and long lasting. Under its global Eco Ideas programme, which includes Eco Ideas for Life styles & Business styles, the company develops energy-efficient, state-of-the-art products and encourages

customers to live eco-conscious lifestyles with an aim to reduce CO2 emissions in households and manufacturing units.

Company Vision:

To be the No1 Green Innovation Company worldwide in

the Electronics industry by year 2018.

Company Mission:

The belief in our basic management objective to devote ourselves to the progress and development of society and the well-being of all people around the globe has been the foundation of the company.

Outline of Panasonic India

Date of Establishment: Panasonic India Pvt. Ltd.(Consumer Sales Division) was established on 14th July 2006. Wholly Owned Subsidiary: Panasonic Corporation Principal Activity Panasonic India Pvt. Ltd.: (Consumer Sales Division) is a sales, marketing and distribution company for the Panasonic brand of consumer durable and home appliance products in India. PI registered office is in Chennai, Tamil Nadu.

India Operations

Panasonic India Pvt. Ltd (PI) operates through following companies:

Consumer Sales Division (CSD) for making available consumer electronics appliances from the Panasonic stable.

System Sales Division (SSD) for making available display, projectors, telephones, PBX/KTS, fax machines, security and networking products.

Panasonic Automotive Systems India (PASI) specializes in sales and support of in-car equipment and systems that provide comfort - such as multimedia equipment- safety, environmental protection and power management.

Panasonic Industrial India (PIIN) for making available compressors, motors for Air conditioners and Refrigerators, Various types of Battery for application such as UPS / E-Bike / Windmill / Solar System / and many other industrial applications, Components for Printed Circuit Boards (Capacitor, Resistor, Coil, Switches, Sensors, Semiconductors, and more.), Flat and Plasma Panel for Flat TV and Plasma TV, Heat Exchanger for BTS relating applications, Welding and SMT equipments for manufacturing Industry.

Panasonic Home Appliances India Co. Ltd [PHAI] for manufacture, import, marketing and sales of kitchen appliances and small domestic appliances. Product categories include beauty care, personal care and health care items. PHAI is headquartered in Chennai, Tamil Nadu.
8

Panasonic AVC Networks India Ltd [PAVCI] for manufacturer of CRT TVs and LCDs. PAVCI is based in Noida, UP.

Panasonic Energy India Co Ltd [PECIN] for manufacture and sales of dry cell batteries. PECIN is based in Baroda, Gujarat.

Panasonic Carbon India Co Ltd [PCIN] for manufacture and sales of carbon rods. PCIN is based in Chennai, Tamil Nadu.

Anchor Electricals is a group company of Panasonic Corporation in India Sanyo and Panasonic Electric Works has fully amalgamated with Panasonic Corporation.

Product Categories:

Digital audio-visuals: Plasma/LCD/LED/3D TVs, DVD players, cameras & camcorders

Home appliances: refrigerators, washing machines, air conditioners, microwave ovens, rice cookers & mixer grinders

Health & Beauty appliances: handheld massager, water purifier & hair dryer Professional communications: cordless phones & faxes Business solutions: multi-function copiers & notebook PCs Professional audio-visuals: professional cameras & security systems. Industrial components: compressors, motors for Air conditioners & Refrigerators; Batteries for industrial applications; Flat and Plasma panels; Welding and SMT equipments for manufacturing Industry

Car equipments: in-car equipment and systems The Company promotes technology transfer in recognition of the wisdom of shared expertise and resources in order to enhance product and machine technology advancement, productivity and quality excellence. With local participation in its state-of-the-art R&D activities, there is not only mutual technological progress but it also ensures the highest product quality under the local operating conditions.

10

Growth and Achievements

Panasonic in India registered sales of Rs 2,200 crore in FY 2009, and was estimated to do a turnover of Rs 3,200 crore in FY 2010.

Panasonic is investing USD 300 million in India to set up an R&D and manufacturing facility and on marketing initiatives. Panasonic is developing, in Haryana, the Panasonic Techno park, an R&D and manufacturing facility for air conditioners, refrigerators and washing machines.

Panasonic is on track to generate sales revenue of USD 2 billion by 2012 in India.

History of Panasonic

Panasonic was founded in 1918 by Konosuke Matsushita. The Panasonic brand was created from the elements "pan" meaning "all" combined with "sonic" meaning "sound", because it was first used for audio equipment. The company that was to become Panasonic was started on March 7, 1918, when Konosuke Matsushita moved from his tiny dwelling to a larger two-story house, and set up Matsushita Electric Housewares Manufacturing Works. The staff consisted of three people: the 23-year-old Matsushita, 22-year-old Mumeno and her brother Toshio lue, then just 15. The Panasonic brand was

11

created by Matsushita in 1955 for the Americas region because the National brand was already registered by others.

Matsushita manufactured two new products-an attachment plug and a two-way socket. They proved popular as they were of higher quality than other products on the market, and were 30% to 50% cheaper.

"'...(Youth) is a matter of the will, a quality of the imagination, a vigor of the emotions...Youth means a temperamental predominance of courage over timidity, for adventure over the love of ease...' "The exercise of creativity and daring brings problems to the surface, but it also imbues us with the vigor to confront them. Daring always implies a risk of failure, from which we must be willing to stand up and try again. Yet even failures can empower us. To do the pedestrian, the obvious, accomplishes nothing. We will create a bright future for our company when each employee sits down and asks him or herself about what he or she should be doing."

Today, Panasonic is a Multi-Million Company, spread throughout the globe. There would hardly be someone who is not using even a single product of Panasonic. And, Panasonic India is Panasonic Corporation's Indian Branch,

12

which is emerging as a National Giant, catering quality products to the Consumer Market in India.

National Panasonic India Ltd. was established in 1994. It was set up to provide higher quality Electronic Products supported by service In India. The Electronic Products from Panasonic can be classified into three categories comprising a variety of products under them. About 50% of turnover comes from the Japanese domestic market and of the rest, India contributes about 4%. In India, Panasonic is among the top 100 Most Trusted brands listed by The Brand Trust Report.

13

OVERVIEW OF CONSUMER DURABLE INDUSTRY

Consumer durables are the products whose life expectancy is at least 3 years. These products are hard goods that cannot be used up at once. The consumer durables sector can be segmented into consumer electronics, such as CLASSIFICATION

WHITE GOODS

KITCHEN APPLIANCES/BROWN GOODS

CONSUMER ELECTRONICS

Refrigerators Washing machines Air conditioners Speakers and audio equipment

Mixers Grinders Microwave oven Irons

Mobile phones Televisions MP3 players DVD players

Electric fans Cooking range Chimneys

VCD players

14

Degree of Rivalry

Degree of rivalry denotes the intensity of competition within the industry. Panasonic, Samsung, LG, Sony are the major competitors in television industry. Onida and Videocon are other big competitors Although Panasonic, another major player has managed to hold its own in the midst of the onslaught from the Korean majors. Other large Indian companies in the top of the list are Mirc Electronics. While Mirc Electronics is managing to hold its share by adopting value for money strategy, BPL is facing tough time, experiencing drastic decline in market share. Sony, Philips, Akai, Sansui, Aiwa, Toshiba and now Hyundai are the other foreign brands in the market. The industry is based on numbers game and companies will have to maintain a fine balance between catering to lifestyle requirements and meeting the needs of average consumer.

PANASONIC:

Introduced its new global branding concept slogan of "PANASONIC ideas for life", the company is implementing a worldwide brand strategy, here in India. The new slogan is reflective of Panasonic's aim to redefine its brand value, which will deliver ideas that are valuable and beneficial to their customers in their daily life.

15

Mr. Manish Sharma, Director - Marketing, Panasonic India has been formulating and implementing Panasonics marketing initiatives in India, to effectively communicate the Panasonic brand values. As a major initiative in this direction, he has been instrumental in celebrity associations with Panasonic and endorsement of sporting events. With his innate understanding of Panasonic and the India market, he has catapulted the Panasonic brand to make it high on local flavor with a major youth connect, and a presence across India. An integral part of the strategy has been plans to introduce Panasonic products in India that match the needs and aspirations of Indian households and businesses.

Panasonic has been in India for close to 38 years, and is now in the process of consolidating its operations here. Panasonic India, the Global Technology leader has introduced its new range of CRT TV sets namely, 21GX20C, 21FX20CGSI and 21FX70C3 packed with exciting features. Priced between Rs 7790 and Rs 9990, Panasonics new range is aimed to enhance the wholesome TV viewing experience of the customers by creating a captivating environment that is best ensured with the rich features its equipped with.

The new found aggressiveness of Panasonic India marks a sea change in the companys attitude where it seems keen to regain its leadership position in consumer durables and other technology products. During 2001 to 2008 the company saw its sales dipped and it conceded market share to Samsung, LG and
16

Sony. It was during these times that globally there was a major technological shift across product categories and Indian market was relatively smaller. Globally the company chose to focus on other developed markets instead, The company will tweak its products to meet the specific requirements of Indian consumers. We are exploring opportunities in the mass segment especially in the tier-II and tier-III cities. Panasonic has identified three business verticals to drive sales growth. The first comprises consumer durables with LCD and plasma televisions, ACs, refrigerators, the second camera and office automation products while the third would be accessories for audio-visual products. Besides understanding the strategy adopted by different players, several other factors industry growth, concentration and balance, corporate stakes, fixed cost, and product differences need to be analyzed to determine the extent of rivalry between the existing Players.

17

FUTURE PLANS OF PANASONIC

Panasonic India is all set to relaunch Japanese consumer durable brand Sanyo in the country by April next year. 'We want to market Sanyo brand in tier II and tier III cities in the country while Panasonic will penetrate the metro and other big cities,' Manish Sharma, director (marketing) of Panasonic India revealed at one of press conference. Panasonic plans to project Sanyo as a mass market brand in the country. Panasonic had bought the Sanyo brand for $9 billion. Panasonic would introduce sound system, LCD, refrigerators and washing machines under Sanyo brand.

Panasonic aims to generate $2-bn revenue from India With its South Korean competition including Samsung and LG retaining their firm grasp over India's consumer electronics market, Japanese major Panasonic is banking on localized products and significant marketing spend to make inroads into one of its strategic regions. By 2012, Panasonic intends to generate sales revenues of about $2 billion (about Rs 8,900 crore) from India, which will be a substantial jump from its turnover of Rs 3,200 crore in FY 2010. The consumer durable segment accounts for 65 percent of Panasonic's turnover in India.
18

"I cannot tell you how much we will spend there," Panasonic Asia Pacific Managing Director Yorihisa Shiokawa told Business Standard when asked to specify the company's likely investments in India, "but it is very much true that Korean manufacturers like Samsung and LG have developed their business and are much ahead of us." As part of its plan to gain market share, Panasonic will establish its largest manufacturing facility in the country in Haryana, which will be operational by 2012, apart from the recently announced research and development centre in Gurgaon that will focus on products for the domestic market. Both facilities will have a combined cost of under $300 million, according to the company's website.

Panasonic India is also setting up a techno park in Jhajjar, Haryana, with an investment of Rs 1,000 crore, which manufactures ACs. The park will be ready by August 2012. "Panasonic has a 4 per cent market share, but are targeting 15 per cent market share by the end of 2011. Of the total air-conditioner market in the country, 75 per cent belongs to split, while the remaining is window ACs. The company aims to capture 25 per cent market share in split ACs by 2012,". .

19

 Part of the challenge, however, remains with the Indian consumer, Shiokawa explained, who have specific preferences, unlike those in other markets. As a result, Panasonic believes that its products will have to be tweaked to cater to local inclinations. "For instance, we developed and introduced a new LCD TV and home theatre system under the name 'Sound for India'. Volume, particularly bass sound, should be strengthened much more than the standard market. We were able to successfully develop these products and introduce them to the market, and we have been accepted," he added. For the same reasons, Panasonic also developed its Cube air-conditioner, a split unit available at the cost of a window unit.

Panasonic is aiming for a billion - dollar revenue from its India operations by 2012 and is looking to foray into the automobile sector. The company is in the process of negotiating with leading car makers in the country to sell its product to them, which it plans to launch in the second quarter of 2011.

While innovation and localization are important, the electronics maker will also look at increasing its brand awareness and presence."On one hand, product-wise, we are trying to develop proper products (suited) to the Indian market. But we also have to make the
20

products known to the consumer. We need to invest in mass media advertisement. Therefore, this year, we will invest around $40 million in advertising for the Indian market," said Shiokawa. The company has also tied up with All India Football Federation to promote its products. Panasonic has been a strong supporter and endorser of football in Thailand and is delighted to extend this association in India with the sport, Panasonic India CEO Daizo Ito said.

21

FUTURE PLANS OF PANASONICS COMPETITORS

The consumer durables sector has witnessed a tremendous growth in recent times. Be it flat screen televisions or air conditioners (AC), timing is not a constraint anymore. Though white good majors are known to push their varied offerings in ACs during the summer months, some companies are setting a new trend by launching new ACs in winters. Powers saving devices are also in vogue this winter season. Companies say timing or season is no longer a constraint for introducing new products and hence consumer durable firms heat up market with new AC launches.

Hitachi Home and Life Solutions (India) Pvt Ltd is keen to push the envelope. The firm, which launched its 'Summer' brand of five-star rated window ACs in Mumbai on Monday, is looking to capture 10 per cent of the market share. The Bureau of Energy Efficiency (BEE) rates the power saving potential of an electronic device and grants it star ratings. The rating is on a scale of one to five. The higher the rating, the higher the energy saving. "Our 10 per cent market share target, in terms of sales volume, will translate into 12 per cent in value terms in the next financial year," said Motoo Morimoto, managing director (MD), Hitachi Home and Life Solutions (India) Explaining the timing of their product launch, Morimoto said, "India is a

22

growing market. To get a large share, we have to lay down our road map till 2015.''

Godrej Appliances, which has cornered over 7 per cent market share in the AC segment, is looking to build on it this year. "The AC market in India has been growing at a compound annual growth rate (CAGR) of 29 per cent. This year, the industry is expected to grow by 30-40 per cent given the increase in disposable income," said Kamal Nandi, vice president, sales and marketing, Godrej Appliances. "We at Godrej are targeting 100 per cent growth with our recently launched range of 46 AC models,'' Nandi added. Manish Sharma, director of marketing at Panasonic India Pvt Ltd, said the company has witnessed a huge demand for their power saving products. "We believe very soon all the customers will switch to using inverter technology models, as it is efficient and results in power saving. Not to be outdone, Hitachi, too, has decided to adopt an aggressive marketing plank. ``We offer 25 models of split ACs and 10 models of window ACs. We also have plans to expand in either segment,'' said Gurmeet Singh, vice president and head of sales and business planning, Hitachi in one of the press release. "We will reach 317 towns by February 2011, from the 236 towns as on June 2010. In order to reach more customers, we are also expanding our Kaze AC range for the mass market," he said.
23

WHAT I LEARN DURING TRAINING

With the expansion of the Internet, the value of information safety has been on the rise. There is no standard definition of intrusion detection as such. Usually, intrusion detection is recognized as the discovery of network behaviors that abuse or put in danger network security. Intrusion detection can be treated as a pattern recognition problem which distinguishes between network attacks and normal network behaviors or further distinguishes between different categories of attacks. Any set of events that try to compromise on the accessibility, reliability or privacy of resources is called as interruption. An intruder is a person or collection of persons who initiates the events during the interruption. Also, the intruder can be from within the system, that is, someone with the permission to use the computer with normal user privileges, or someone who uses a hole in some operating system to escalate their privilege level, or it can be from outside the system that is someone on another network or perhaps even in another country who exploits a vulnerability, weakness in an unprotected network service on the computer to gain unauthorized entry and control. An intrusion recognition system is in fact a security layer used to notice continuing interfering activities in information systems. Conventionally, intrusion discovery heavily depends on widespread knowledge of safety experts, in particular, on their knowledge with the processor system that is to be
24

sheltered. To diminish this dependency, a variety of mechanism learning techniques and data mining techniques has been deployed for intrusion discovery. Most often working of IDS is in dynamically altering surroundings, which results in constant tuning of the intrusion finding model, so as to maintain enough presentation. The physical alteration process necessary by current systems depends on the system operators in functioning out the tuning answer and by integrating it into the discovery model. Moreover Network intrusion detection aims at separating the attacks on the Internet from normal use of the Internet. It is a very important and essential piece of the information safety system. Due to the diversity in network behaviors and the rapid development of attack fashions, it is of prime importance to develop fast machine-learningbased intrusion detection algorithms with low false-alarm rates and high detection rates and.

25

Platform choice

Java Swing : Swing is a toolkit fr Java. It is part of Sun Microsystems Java Foundation Classes (JFC) an API for a graphical user interface (GUI). Swing was developed to give a more sophisticated set of GUI components than the Abstract Window Toolkit (AWT). Swing gives a native look and feel which emulates the look and feel of several platforms. Using Swings we will develop the user interface of our intrusion detection system which will show all the functionalities of the system such as create rule, prediction and tuning. The most important advantage of java swings is the cross-platform support, which allows developers to build applications that execute on Windows, Mac and Linux. Swings in addition also provides a very rich set of components and features that can very easily satisfy the requirements of many types of different applications, such as development tools, administration consoles, and business applications.

26

Literature Survey

Protection of any system forms an important aspect of any computing system. Protection encompasses the accessibility, reliability and privacy of the resources gave by a computing system. Three aspects of network systems create these systems more susceptible to attack than as compared to self-sufficient machines Networks typically provide more number of resources than independent machines Network systems are normally configured to facilitate resource sharing Global protection policies that can be applied to all of the machines in a network are rare.

As discussed earlier in order to reduce the dependency of security experts, found in traditional systems there was a lot of research efforts invested in different research projects which led to the rise of different data mining and machine learning methods that could be easily incorporated in different intrusion detection systems. Audit data analysis and mining was one such technique that combined the logic of mining association rules and classification in order to identify and detect intrusion from the network traffic. Whereas ISA (Information system assurance

27

laboratory) utilized the technique based on statistics along with chi-square and exponentially weighted moving averages for statistical analysis of audit data.

Information security on the Internet consist the following: 1) Protection: The information system is automatically protected to avoid security violations that are called intrusions. 2) Detection: Security violations are detected as soon as they occur. 3) Reaction: Reactions, such as pursuit of hackers or automatic alarm are performed when the system is intruded upon. 4) Recovery: The information system automatically repairs the damages caused by an intrusion. Intrusion detection forms a crucial part of information security. Only if intrusions are correctly detected can the subsequent reaction and recovery be successfully implemented.
3

Intrusion detection system is based on the fact that an intrusion will be detected by a change in the normal patterns of resources. Intrusion detection is a methodology by which any undesirable or abnormal activity can be detected. An intrusion discovery scheme is a monitoring system which reports the entire gives alert to the system machinist whenever it infers from its discovery model. Intrusion discovery System (IDS) is software, hardware or mixture of both, that
28

is help to notice intruder movement. IDS may have dissimilar capacities depending upon how stylish and complex the mechanisms are. IDS appliances that are a mixture of software and hardware are obtainable from lot of organization. An IDS may possibly apply anomaly based techniques, signatures, or together. Alerts are any kind of user announcement for an intruder action. When IDS detects an intruder, it informs the security supervisor about this by means of alerts. These alerts may be in the form of logging to a console, pop-up windows, sending e-mail and so on. It is an unrelenting active attempt in

discovering or detecting the presence of intrusive activities. As Intrusion discovery (ID) relates to computers and network communications it encompasses a far broader range. All processes recommended by it, to which are used in discovering or detecting illegal uses of network or computer devices. This is achieved by the use of purposely deliberate software with a lone reason of detecting abnormal or irregular movement. Depending ahead the network topology, we can place intrusion discovery systems at one or more locations. It also depends upon the type of intrusion behavior we want to notice: interior, exterior or both. For instance, if we wish to detect only exterior intrusion behavior, and we have only single router linking to the Internet, then the finest position for an intrusion discovery system may be just inside the firewall or a router. If numerous paths exist toward the Internet, then we want to position one IDS package at every entrance point. But if we want to discover interior threats as well, then a box should be placed in every network section.
29

3.1 Basic architecture of IDS One of the approaches of developing a network safety is to describe network behavior structure that point out offensive use of the network and also look for the occurrence of those patterns. While such an approach may be accomplished of detecting different types of known intrusive actions, it would allow new or undocumented types of attacks to go invisible. As a result, this leads to a system which monitors and learns normal network behavior and then detects deviations from the normal network behavior.

Fig 1: Basic architecture of IDS

30

3.1.1 Data Sampling: The first step in collecting data is to find exactly what type of data should be collected. Because of the objective of this project is going towards intrusion detection at the network level, a natural choice for data transmission is the network transmission packet. The network gives two types of information to study: transport information and user information, but for this only transport information is selected. Transport data information contains a structured pair of source and destination. It also consists of some type of checksum on which the integrity of a packet is determined. Transport information is added to the packet as a part of the network transmission protocol. Transport information which cannot be made deceptive by fraudulent user is called as unbiased data. The user information contains information that is going to be transformed from one machine to another. This can be easily modified by fraudulent user and hence we call it as biased data. The next stair in collecting data is to design a device for monitoring network packets. Since finding an intrusion is not reliant on any particular method used to check packets, any method thats capable of obtaining a suitable data example is acceptable. The last step in collecting is to process it in such a way that it is distorted into a format which is satisfactory to the classifier system. 3.1.2 Data Preprocessing: There are some values which are important to classifier. These are as given: Packet size value,
31

timestamp value,

Ethernet source-destination ordered pair. There are 2 reasons for preprocessing data: 1) In the case of packet sizes and source and destination address, the raw data can be compacted without loss of relevant information. This results in data which is easier to manipulate for classifier system. Also, this data requires less disk storage space. 2) In the part of time stamp information, the basic second count provided is greater than before so as to comprise relative information of day of week and hour of day. This allows for the structure of network performance which is depends on human temporal patterns.

3.1.3 Classifier system: The classifier scheme is a similar, law based, message passing system. All rules are of the type action form. This action form is receipt of the messages and the action is the sending of messages when the rule is satisfied. All messages hold a tag specifying their source and an extra information field.

32

Fig 2: A classifier system consists of four parts:

1) An input interface In this case an input interface is a message that contains information taken from a 4-tuple describing an individual packet information. 2) The classifiers The classifiers are the rules which describe the behavior in which the system operates and creates messages. 3) The list of message The message list is a directory of all messages yet to be measured by the classifier policy. The messages possibly will from fulfilled rules or from input interface. 4) The output interface
6

33

An output interface is message signifying whether recent network performance is supposed to be regular or irregular. Consider a simple example of how classifier system works. Suppose that transmission of packets, each of size 100, were being considered as an indicator of normal network behavior and anybody interested in the number of packets of size 100 over a one second period needs to evaluate 5, 50 and 150 as possible threshold of abnormality. Then there are three classifier rules: 1) Rule 1 would examine all mails from the input interface. It would now use the size and time values in those messages to maintain a count of packets of size 100 over a sliding time window of one second. After giving out an input message it will set on the message list a message of its own with the simplified count for the final second. 2) Rule 2 observes all messages set on the message list by Rule1. In case the present count of packets of size 100 above the last second exceeds 5 then Rule 2 in turn puts message on the list of message notifying that its threshold has been crossed. 3) Rule 3 and 4 reads all mails having from Rule1 and if the current count exceeds their particular threshold of 50 and 150 they too put messages on the list of message. The productivity interface attends to all messages from Rule2,3,4.when any of those rules have excited and put a message on the list demonstrating that its
34

threshold has been exceeded, then the output interface will inform the surroundings that the rule is predicting the occurrence of abnormal behavior.

3.1.4 Types of IDS: Intrusion discovery systems can be broken down up into 3 major categories: 1. Host-based Systems: is a system in which an IDS examines data that comes straight from individual systems, or computers (hosts), it is hostbased. Examples of data sources include event logs for and applications (Web servers, database products, etc). 2. Network-based Systems: When IDS observes data as it moves crossways the network, such as TCP/IP traffic, it is called as network based. 3. Hybrid Systems: A hybrid scheme is just an IDS that has features of both network based scheme and host based scheme.
7

3.2 System Overview Since the introduction of the Internet, intrusion attempts on Network Systems have increased to a great extent. With increase in security measures, there have been clever attacks by much more sophisticated attackers. Because of this Network Intrusion Detection Systems (NIDS) have become increasingly necessary in todays scenario. In the current scenario if you have internet, then firewall as well as network intrusion detection system is essential. There is already a number of "ready to run" i.e.
35

software option available which try to provide some measure of network security. An intrusion in computer networking terms is defined as someone (hacker, cracker) trying to bypass security protocols and infiltrate a network system. The impulse behind this could be something as small as misusing email for spam, stealing confidential data, or any number of things for which a system administrator could be held responsible. Evidences have shown that these attacks are becoming more intelligent, subversive and harmful. It has become certain that anyone accountable for a network with an Internet presence is now a potential target, and intrusion detection systems are quickly becoming an essential necessity.

3.2.1 Beginning A USAF paper available in Oct 1972 written via James P. Anderson explained the fact that the USAF had "become ever more aware of computer security problems. This difficulty was felt practically in every part of USAF workings and administration". During that period of time, USAF had to perform the daunting tasks of providing shared used of their computer systems, which consisted of various levels of classifications in a need to know environment with a user base containing various levels of security clearance. Thirty years ago, this created a serious problem that still exists with us today. The problem is: How to safely protect separate classification domains on the same network without any
36 8

compromise in security? The first task was to find and define the threats that existed. Before designing IDS, it was necessary to understand and comprehend the types of threats and attacks that could be mounted against computers systems and how to recognize them in an audit data. In fact, it was possibly referring to the necessity of a risk evaluation plan to understand the threat (what the risks are or vulnerabilities, what the attacks might be or the means of penetrations) thus subsequent with the creation of a security policy to protect the systems in place. Among 1984 and 1986, Dorothy Denning and Peter Neumann examined and designed the first model of real-time IDS. This trial product was named the Intrusion discovery Expert scheme (IDES). This IDES was originally a rule-based specialist system skilled to detect known cruel movement. This same system has been developed and improved to form what is identified today as the Next Generation Intrusion discovery Expert scheme (NIDES).The report published by James P. Anderson and the work on the IDES was the start of much of the research on IDS throughout the 1980s and 1990s.An intrusion detection system (IDS) is a system designed to systematically detect host attacks on a network. These systems provide a secondary, passive level of security by providing the administrator with critical information about intrusion attempts. Datagrams are simply the packet bundles of information that computer systems use to communicate with each other over the network. Typically an IDS is not intended to block or actively counter attacks, but some newer systems have an active capacity for dealing with
37

threats. Indeed, a very knowledgeable human being should be watching and making value judgments on the 'alerts' that the IDS has presented him or her with. While firewalls can be thought of as a border or security perimeter, IDS should detect whether that border has been reached .Under no circumstances does an IDS guarantee security, but with proper policies, authentication, and access control, some measure of security can be attained.

3.2.2 Types of IDS 3.2.2.1 Host-Based Host-based approaches detect intrusions utilizing audit data that are collected from the target host machine. As the information given by the review data can be tremendously inclusive and complicated, host based approaches can acquire high discovery rates and low false alarm rates. However, there are disadvantages for host-based approaches, which include the following: 1) Host-based approaches cannot easily prevent attacks: when an intrusion is detected, the attack has partially occurred. 2) Audit data may be altered by attackers, inuencing the reliability of review data.

38

The data from a solo host is used to notice symbols of interruption as the packets Enters or exits the host. Host-based systems are becoming more and more popular due to their effectiveness at handling insider misuse. This is mostly due to the IDS assembly data (log files) from each dangerous machine within the network, while network based systems can only analyses the data that passes by a exacting network node. Host based scheme stand out at stopping the following: Data Access/Modification: The makeup of mission critical data is different for every organization, but includes things like the Web site, customer or member databases, proposal information, and personnel records. By observance an eye on the access of this data and taking note of changes, host based IDSs are superior at significant when something altered that should not have. Abuse of Privilege: This is probably one of the most serious problems in most organizations, and an area where host-based IDSs excel. By observing track of changes to permissions, the host based scheme can inform safety personnel when the doors are swinging too large. In adding up, most host based scheme allow safety admin to get a rapid view of the privileges that survive across their organization, and can ensure that people like past employees are detached from all systems.

39

Network-Based Network-based approaches detect intrusions using the IP package information collected by the network hardware such as switches and routers. Such information is not so plentiful as the review data of the objective host machine. Nevertheless, there are advantages for network based approaches, which include the following: 1) Network-based approaches can detect the so-called distributed intrusions over the whole network and thus lighten the burden on each individual host machine for detecting intrusions. 2) Network-based approaches can defend the machine against attack, as detection occurs before the data arrive at the machine.

The information from a network is scrutinized next to a database and it flags those who look doubtful. Review data from one or more than a one hosts may be used as well to detect symbols of intrusions. Network based systems focus on observing the network packets, by sniffing them, which means that they proof traffic as it goes by. Some IDS's of this type can be installed in more than one location, which is usually referred to as a Distributed IDS. Network-based IDS's tend to be less expensive than their host based cousins, as they typically only need to be installed near the entry/exit point of the network.
10

40

Network-based systems do extremely well at stranger attacks, and focus on catching people before they are authenticated. Areas where they will be good at comprise stopping the following: DOS & Packet Manipulation: A denial of service (DOS) attack is when someone sends an overload of network packets to a single resource, causing it to either crash or become so slow as to be unresponsive. A more advanced version is the Distributed Denial of Service attack, in which multiple computers all attack the resource simultaneously. Many network attacks involve sending network packets that are of incorrect size or configuration, which often causes the targeted resource to crash. Network-based IDSs, because they can process huge amounts of network traffic and sit in an optimal location, are excellent for blocking such attacks. However, note that they can also be a prime target for these attacks. Unauthorized Use: This is the most common attack type that people think of when they hear about IT security. Network-based IDSs are ideal for tracking unauthorized access, meaning intruders that are attempting to login to a machine without the proper credentials, compromise a machine to create a jump-off point, and those that are looking to grab passwords or data.

41

42