Training Project Report On
65
TRAINING PROJECT REPORT ON TUNING PROCESS IN PANASONIC INDIA SUBMITTED IN PARTIAL FULLFILLMENT OF DIPLOMA IN ELECTRONICS SUBMITTED BY: SUBMIT 1
Transcript of Training Project Report On
TRAINING PROJECT REPORT ON
TUNING PROCESS IN
PANASONIC INDIA
SUBMITTED IN PARTIAL FULLFILLMENT OF
DIPLOMA IN ELECTRONICS
SUBMITTED BY:
SUBMIT
1
DECLARATION BY LEARNER
I Shweta Singh hereby declare that the Project titled STUDY OF CONSUMER
AWARENESS FOR IDEA CELLULAR SERVICES is an Original piece of work. It has
been submitted in partial fulfillment for the Award of the Bachelor of Business
Administration.
Date:
Place: Meerut
2
ACKNOWLEDGEMENT
I take the opportunity to express our gratitude to all the concerned people who have directly
or indirectly contributed towards completion of this project. I extend my sincere gratitude
towards Mr. Sanjay Kumar Marketing Manager at Idea Cellular for providing the opportunity
and resources to work on this project.
I am extremely grateful to Ms. Renu Dudeja, Faculty BBA my mentor for her guidance and
invaluable advice during the projects.
At Last I would like to thanks my parents and friends for their support.
3
INDEX
2 Company Certificate
3 Declaration by learner
4 Acknowledgement
5 Preface 5
6 Introduction about the study 7
7 About the Industry 10
8 Objectives 15
9 Company Profile 16
10 Literature Review 32
12 Research Methodology 40
13 Data Analysis 44
14 Conclusion 60
15 Findings 61
16 Recommendations 62
17 Limitations 63
18 References 64
18 Annexure 65
4
COMPANY BACKGROUND
Panasonic Corporation, headquartered in Osaka, Japan, is a worldwide leader in
the manufacture of electronic products for a wide range of consumer, business
and industrial needs. With a turnover of USD 79 billion, the company ranks
65th in the Fortune 500 list of the largest global corporations and is ranked 4th in
Fortune 500 index for ‘Electronics and Electrical Equipments’ and ranked as a
‘World Super 50’ by Forbes. Its operations span 9 countries, with a workforce
of about 385,000 spread over 75 companies. Panasonic has built 297
manufacturing facilities across the world, and has an annual spend exceeding
US$5 billion on research and development. The Company recently acquired
Sanyo in a USD 9 billion deal, making it the world’s second largest
conglomerate in the electronics industry.
The Company provides solutions, not just products, to make everyday home and
business life simpler, convenient and energy efficient, achieved through
innovative technologies. At Panasonic, designers and engineers constantly
endeavor to ensure that each evolution of product is better than its previous
version by following stringent process to develop products that are more energy
efficient, water efficient and long lasting. Under its global Eco Ideas
programme, which includes Eco Ideas for Life styles & Business – styles, the
company develops energy-efficient, state-of-the-art products and encourages
5
customers to live eco-conscious lifestyles with an aim to reduce CO2 emissions
in households and manufacturing units.
6
Company Vision: To be the No1 Green Innovation Company worldwide in
the Electronics industry by year 2018.
Company Mission: The belief in our basic management objective to devote
ourselves to the progress and development of society and the
well-being of all people around the globe has been the
foundation of the company.
Outline of Panasonic India
Date of Establishment: Panasonic India Pvt. Ltd.(Consumer Sales Division)
was established on 14th July 2006.
Wholly Owned Subsidiary: Panasonic Corporation
Principal Activity Panasonic India Pvt. Ltd.: (Consumer Sales Division) is a
sales, marketing and distribution company for the Panasonic brand of consumer
durable and home appliance products in India. PI registered office is in Chennai,
Tamil Nadu.
7
India Operations
Panasonic India Pvt. Ltd (PI) operates through following companies:
Consumer Sales Division (CSD) for making available consumer electronics
appliances from the Panasonic stable.
System Sales Division (SSD) for making available display, projectors,
telephones, PBX/KTS, fax machines, security and networking products.
Panasonic Automotive Systems India (PASI) specializes in sales and support
of in-car equipment and systems that provide comfort - such as multimedia
equipment- safety, environmental protection and power management.
Panasonic Industrial India (PIIN) for making available compressors, motors
for Air conditioners and Refrigerators, Various types of Battery for application
such as UPS / E-Bike / Windmill / Solar System / and many other industrial
applications, Components for Printed Circuit Boards (Capacitor, Resistor, Coil,
Switches, Sensors, Semiconductors, and more.), Flat and Plasma Panel for Flat
TV and Plasma TV, Heat Exchanger for BTS relating applications, Welding
and SMT equipments for manufacturing Industry.
Panasonic Home Appliances India Co. Ltd [PHAI] for manufacture, import,
marketing and sales of kitchen appliances and small domestic appliances.
Product categories include beauty care, personal care and health care items.
PHAI is headquartered in Chennai, Tamil Nadu.
8
Panasonic AVC Networks India Ltd [PAVCI] for manufacturer of CRT TVs
and LCDs. PAVCI is based in Noida, UP.
Panasonic Energy India Co Ltd [PECIN] for manufacture and sales of dry
cell batteries. PECIN is based in Baroda, Gujarat.
Panasonic Carbon India Co Ltd [PCIN] for manufacture and sales of carbon
rods. PCIN is based in Chennai, Tamil Nadu.
Anchor Electricals is a group company of Panasonic Corporation in India
Sanyo and Panasonic Electric Works has fully amalgamated with Panasonic
Corporation.
9
Product Categories:
Digital audio-visuals: Plasma/LCD/LED/3D TVs, DVD players, cameras &
camcorders
Home appliances: refrigerators, washing machines, air conditioners,
microwave ovens, rice cookers & mixer grinders
Health & Beauty appliances: handheld massager, water purifier & hair dryer
Professional communications: cordless phones & faxes
Business solutions: multi-function copiers & notebook PCs
Professional audio-visuals: professional cameras & security systems.
Industrial components: compressors, motors for Air conditioners &
Refrigerators; Batteries for industrial applications; Flat and Plasma panels;
Welding and SMT equipments for manufacturing Industry
Car equipments: in-car equipment and systems
The Company promotes technology transfer in recognition of the wisdom of
shared expertise and resources in order to enhance product and machine
technology advancement, productivity and quality excellence. With local
participation in its state-of-the-art R&D activities, there is not only mutual
technological progress but it also ensures the highest product quality under the
local operating conditions.
10
Growth and Achievements
Panasonic in India registered sales of Rs 2,200 crore in FY 2009, and was
estimated to do a turnover of Rs 3,200 crore in FY 2010.
Panasonic is investing USD 300 million in India to set up an R&D and
manufacturing facility and on marketing initiatives. Panasonic is developing, in
Haryana, the “Panasonic Techno park”, an R&D and manufacturing facility for
air conditioners, refrigerators and washing machines.
Panasonic is on track to generate sales revenue of USD 2 billion by 2012 in
India.
History of Panasonic
Panasonic was founded in 1918 by Konosuke Matsushita. The Panasonic
brand was created from the elements "pan" meaning "all" combined with
"sonic" meaning "sound", because it was first used for audio equipment.
The company that was to become Panasonic was started on March 7, 1918,
when Konosuke Matsushita moved from his tiny dwelling to a larger two-story
house, and set up Matsushita Electric Housewares Manufacturing Works. The
staff consisted of three people: the 23-year-old Matsushita, 22-year-old
Mumeno and her brother Toshio lue, then just 15. The Panasonic brand was
11
created by Matsushita in 1955 for the Americas region because the National
brand was already registered by others.
Matsushita manufactured two new products-an attachment plug and a two-way
socket. They proved popular as they were of higher quality than other products
on the market, and were 30% to 50% cheaper.
"'...(Youth) is a matter of the will, a quality of the imagination, a vigor of the
emotions...Youth means a temperamental predominance of courage over
timidity, for adventure over the love of ease...'
"The exercise of creativity and daring brings problems to the surface, but it also
imbues us with the vigor to confront them.
Daring always implies a risk of failure, from which we must be willing to stand
up and try again. Yet even failures can empower us. To do the pedestrian, the
obvious, accomplishes nothing. We will create a bright future for our company
when each employee sits down and asks him or herself about what he or she
should be doing."
Today, Panasonic is a Multi-Million Company, spread throughout the globe.
There would hardly be someone who is not using even a single product of
Panasonic. And, Panasonic India is Panasonic Corporation's Indian Branch,
12
which is emerging as a National Giant, catering quality products to the
Consumer Market in India.
National Panasonic India Ltd. was established in 1994. It was set up to provide
higher quality Electronic Products supported by service In India. The Electronic
Products from Panasonic can be classified into three categories comprising a
variety of products under them. About 50% of turnover comes from the
Japanese domestic market and of the rest, India contributes about 4%. In India,
Panasonic is among the top 100 Most Trusted brands listed by The Brand
Trust Report.
13
OVERVIEW OF CONSUMER DURABLE INDUSTRY
Consumer durables are the products whose life expectancy is at least 3 years.
These products are hard goods that cannot be used up at once. The consumer
durables sector can be segmented into consumer electronics, such as
WHITE GOODS KITCHEN
APPLIANCES/BROWN
GOODS
CONSUMER
ELECTRONICS
• Refrigerators • Mixers • Mobile phones
• Washing machines • Grinders • Televisions
• Air conditioners • Microwave oven • MP3 players
•Speakers and audio
equipment
Irons • DVD players
• Electric fans • VCD players
• Cooking range
• Chimneys
14
CLASSIFICATION
Degree of Rivalry
Degree of rivalry denotes the intensity of competition within the industry.
Panasonic, Samsung, LG, Sony are the major competitors in television industry.
Onida and Videocon are other big competitors Although Panasonic, another
major player has managed to hold its own in the midst of the onslaught from the
Korean majors. Other large Indian companies in the top of the list are Mirc
Electronics. While Mirc Electronics is managing to hold its share by adopting
value for money strategy, BPL is facing tough time, experiencing drastic
decline in market share. Sony, Philips, Akai, Sansui, Aiwa, Toshiba and now
Hyundai are the other foreign brands in the market. The industry is based on
numbers game and companies will have to maintain a fine balance between
catering to lifestyle requirements and meeting the needs of average consumer.
PANASONIC:
Introduced its new global branding concept slogan of "PANASONIC ideas for
life", the company is implementing a worldwide brand strategy, here in India.
The new slogan is reflective of Panasonic's aim to redefine its brand value,
which will deliver ideas that are valuable and beneficial to their customers in
their daily life.
15
Mr. Manish Sharma, Director - Marketing, Panasonic India has been
formulating and implementing Panasonic’s marketing initiatives in India, to
effectively communicate the Panasonic brand values. As a major initiative in
this direction, he has been instrumental in celebrity associations with Panasonic
and endorsement of sporting events. With his innate understanding of Panasonic
and the India market, he has catapulted the Panasonic brand to make it high on
local flavor with a major youth connect, and a presence across India. An
integral part of the strategy has been plans to introduce Panasonic products in
India that match the needs and aspirations of Indian households and businesses.
Panasonic has been in India for close to 38 years, and is now in the process of
consolidating its operations here. Panasonic India, the Global Technology
leader has introduced its new range of CRT TV sets namely, 21GX20C,
21FX20CGSI and 21FX70C3 packed with exciting features. Priced between Rs
7790 and Rs 9990, Panasonic’s new range is aimed to enhance the wholesome
TV viewing experience of the customers by creating a captivating environment
that is best ensured with the rich features it’s equipped with.
The new found aggressiveness of Panasonic India marks a sea change in the
company’s attitude where it seems keen to regain its leadership position in
consumer durables and other technology products. During 2001 to 2008 the
company saw its sales dipped and it conceded market share to Samsung, LG and
16
Sony. “It was during these times that globally there was a major technological
shift across product categories and Indian market was relatively smaller.
Globally the company chose to focus on other developed markets instead,” The
company will tweak its products to meet the specific requirements of Indian
consumers. We are exploring opportunities in the mass segment especially in
the tier-II and tier-III cities. Panasonic has identified three business verticals to
drive sales growth. The first comprises consumer durables with LCD and
plasma televisions, ACs, refrigerators, the second camera and office automation
products while the third would be accessories for audio-visual products.
Besides understanding the strategy adopted by different players, several other
factors industry growth, concentration and balance, corporate stakes, fixed cost,
and product differences need to be analyzed to determine the extent of rivalry
between the existing Players.
17
FUTURE PLANS OF PANASONIC
Panasonic India is all set to relaunch Japanese consumer durable
brand Sanyo in the country by April next year. 'We want to market
Sanyo brand in tier II and tier III cities in the country while Panasonic
will penetrate the metro and other big cities,' Manish Sharma, director
(marketing) of Panasonic India revealed at one of press conference.
Panasonic plans to project Sanyo as a mass market brand in the country.
Panasonic had bought the Sanyo brand for $9 billion. Panasonic would
introduce sound system, LCD, refrigerators and washing machines under
Sanyo brand.
Panasonic aims to generate $2-bn revenue from India
With its South Korean competition including Samsung and LG retaining their
firm grasp over India's consumer electronics market, Japanese major Panasonic
is banking on localized products and significant marketing spend to make
inroads into one of its strategic regions.
By 2012, Panasonic intends to generate sales revenues of about $2 billion
(about Rs 8,900 crore) from India, which will be a substantial jump from its
turnover of Rs 3,200 crore in FY 2010. The consumer durable segment accounts
for 65 percent of Panasonic's turnover in India.
18
"I cannot tell you how much we will spend there," Panasonic Asia Pacific
Managing Director Yorihisa Shiokawa told Business Standard when asked to
specify the company's likely investments in India, "but it is very much true that
Korean manufacturers like Samsung and LG have developed their business and
are much ahead of us."
As part of its plan to gain market share, Panasonic will establish its largest
manufacturing facility in the country in Haryana, which will be operational by
2012, apart from the recently announced research and development centre in
Gurgaon that will focus on products for the domestic market. Both facilities will
have a combined cost of under $300 million, according to the company's
website.
Panasonic India is also setting up a techno park in Jhajjar, Haryana,
with an investment of Rs 1,000 crore, which manufactures ACs. The
park will be ready by August 2012. "Panasonic has a 4 per cent market
share, but are targeting 15 per cent market share by the end of 2011. Of
the total air-conditioner market in the country, 75 per cent belongs to
split, while the remaining is window ACs. The company aims to capture
25 per cent market share in split ACs by 2012,".
.
19
Part of the challenge, however, remains with the Indian consumer,
Shiokawa explained, who have specific preferences, unlike those in other
markets. As a result, Panasonic believes that its products will have to be
tweaked to cater to local inclinations.
"For instance, we developed and introduced a new LCD TV and home theatre
system under the name 'Sound for India'. Volume, particularly bass sound,
should be strengthened much more than the standard market. We were able to
successfully develop these products and introduce them to the market, and we
have been accepted," he added. For the same reasons, Panasonic also developed
its Cube air-conditioner, a split unit available at the cost of a window unit.
Panasonic is aiming for a billion - dollar revenue from its India
operations by 2012 and is looking to foray into the automobile sector.
The company is in the process of negotiating with leading car makers in
the country to sell its product to them, which it plans to launch in the
second quarter of 2011.
While innovation and localization are important, the electronics
maker will also look at increasing its brand awareness and
presence."On one hand, product-wise, we are trying to develop proper
products (suited) to the Indian market. But we also have to make the
20
products known to the consumer. We need to invest in mass media
advertisement. Therefore, this year, we will invest around $40 million in
advertising for the Indian market," said Shiokawa.
The company has also tied up with All India Football Federation to
promote its products. “Panasonic has been a strong supporter and
endorser of football in Thailand and is delighted to extend this association
in India with the sport,” Panasonic India CEO Daizo Ito said.
21
FUTURE PLANS OF PANASONIC’S COMPETITORS
The consumer durables sector has witnessed a tremendous growth in recent
times. Be it flat screen televisions or air conditioners (AC), timing is not a
constraint anymore. Though white good majors are known to push their varied
offerings in ACs during the summer months, some companies are setting a new
trend by launching new ACs in winters. Powers saving devices are also in
vogue this winter season. Companies say timing or season is no longer a
constraint for introducing new products and hence consumer durable firms
heat up market with new AC launches.
Hitachi Home and Life Solutions (India) Pvt Ltd is keen to push the
envelope. The firm, which launched its 'Summer' brand of five-star rated
window ACs in Mumbai on Monday, is looking to capture 10 per cent of the
market share. The Bureau of Energy Efficiency (BEE) rates the power saving
potential of an electronic device and grants it star ratings. The rating is on a
scale of one to five. The higher the rating, the higher the energy saving.
"Our 10 per cent market share target, in terms of sales volume, will translate
into 12 per cent in value terms in the next financial year," said Motoo
Morimoto, managing director (MD), Hitachi Home and Life Solutions (India)
Explaining the timing of their product launch, Morimoto said, "India is a
22
growing market. To get a large share, we have to lay down our road map till
2015.''
Godrej Appliances, which has cornered over 7 per cent market share in the AC
segment, is looking to build on it this year. "The AC market in India has been
growing at a compound annual growth rate (CAGR) of 29 per cent. This year,
the industry is expected to grow by 30-40 per cent given the increase in
disposable income," said Kamal Nandi, vice president, sales and marketing,
Godrej Appliances. "We at Godrej are targeting 100 per cent growth with our
recently launched range of 46 AC models,'' Nandi added. Manish Sharma,
director of marketing at Panasonic India Pvt Ltd, said the company has
witnessed a huge demand for their power saving products. "We believe very
soon all the customers will switch to using inverter technology models, as it is
efficient and results in power saving.
Not to be outdone, Hitachi, too, has decided to adopt an aggressive marketing
plank. ``We offer 25 models of split ACs and 10 models of window ACs. We
also have plans to expand in either segment,'' said Gurmeet Singh, vice
president and head of sales and business planning, Hitachi in one of the press
release. "We will reach 317 towns by February 2011, from the 236 towns as on
June 2010. In order to reach more customers, we are also expanding our Kaze
AC range for the mass market," he said.
23
WHAT I LEARN DURING TRAINING
With the expansion of the Internet, the value of information safety has
been on the rise. There is no standard definition of intrusion detection as such.
Usually, intrusion detection is recognized as the discovery of network behaviors
that abuse or put in danger network security. Intrusion detection can be treated
as a pattern recognition problem which distinguishes between network attacks
and normal network behaviors or further distinguishes between different
categories of attacks.
Any set of events that try to compromise on the accessibility, reliability or
privacy of resources is called as interruption. An intruder is a person or
collection of persons who initiates the events during the interruption. Also, the
intruder can be from within the system, that is, someone with the permission to
use the computer with normal user privileges, or someone who uses a hole in
some operating system to escalate their privilege level, or it can be from outside
the system that is someone on another network or perhaps even in another
country who exploits a vulnerability, weakness in an unprotected network
service on the computer to gain unauthorized entry and control.
An intrusion recognition system is in fact a security layer used to notice
continuing interfering activities in information systems. Conventionally,
intrusion discovery heavily depends on widespread knowledge of safety experts,
in particular, on their knowledge with the processor system that is to be
24
sheltered. To diminish this dependency, a variety of mechanism learning
techniques and data mining techniques has been deployed for intrusion
discovery. Most often working of IDS is in dynamically altering surroundings,
which results in constant tuning of the intrusion finding model, so as to maintain
enough presentation. The physical alteration process necessary by current
systems depends on the system operators in functioning out the tuning answer
and by integrating it into the discovery model. Moreover Network intrusion
detection aims at separating the attacks on the Internet from normal use of the
Internet. It is a very important and essential piece of the information safety
system. Due to the diversity in network behaviors and the rapid development of
attack fashions, it is of prime importance to develop fast machine-learning-
based intrusion detection algorithms with low false-alarm rates and high
detection rates and.
25
1
Platform choice
Java Swing :
Swing is a toolkit fr Java. It is part of Sun Microsystems’ Java Foundation
Classes (JFC) an API for a graphical user interface (GUI). Swing was
developed to give a more sophisticated set of GUI components than the Abstract
Window Toolkit (AWT). Swing gives a native look and feel which emulates the
look and feel of several platforms.
Using Swings we will develop the user interface of our intrusion detection
system which will show all the functionalities of the system such as create rule,
prediction and tuning.
The most important advantage of java swings is the cross-platform support,
which allows developers to build applications that execute on Windows, Mac
and Linux. Swings in addition also provides a very rich set of components and
features that can very easily satisfy the requirements of many types of different
applications, such as development tools, administration consoles, and business
applications.
26
Literature Survey
Protection of any system forms an important aspect of any computing system.
Protection encompasses the accessibility, reliability and privacy of the resources
gave by a computing system. Three aspects of network systems create these
systems more susceptible to attack than as compared to self-sufficient
machines-
• Networks typically provide more number of resources than independent
machines
• Network systems are normally configured to facilitate resource sharing
• Global protection policies that can be applied to all of the machines in a
network are rare.
As discussed earlier in order to reduce the dependency of security experts,
found in traditional systems there was a lot of research efforts invested in
different research projects which led to the rise of different data mining and
machine learning methods that could be easily incorporated in different
intrusion detection systems.
Audit data analysis and mining was one such technique that combined the logic
of mining association rules and classification in order to identify and detect
intrusion from the network traffic. Whereas ISA (Information system assurance
27
laboratory) utilized the technique based on statistics along with chi-square and
exponentially weighted moving averages for statistical analysis of audit data.
Information security on the Internet consist the following:
1) Protection: The information system is automatically protected to avoid
security violations that are called intrusions.
2) Detection: Security violations are detected as soon as they occur.
3) Reaction: Reactions, such as pursuit of hackers or automatic alarm are
performed when the system is intruded upon.
4) Recovery: The information system automatically repairs the damages caused
by an intrusion.
Intrusion detection forms a crucial part of information security. Only if
intrusions are correctly detected can the subsequent reaction and recovery be
successfully implemented.
Intrusion detection system is based on the fact that an intrusion will be
detected by a change in the ‘normal’ patterns of resources. Intrusion detection is
a methodology by which any undesirable or abnormal activity can be detected.
An intrusion discovery scheme is a monitoring system which reports the entire
gives alert to the system machinist whenever it infers from its discovery model.
Intrusion discovery System (IDS) is software, hardware or mixture of both, that
28
3
is help to notice intruder movement. IDS may have dissimilar capacities
depending upon how stylish and complex the mechanisms are. IDS appliances
that are a mixture of software and hardware are obtainable from lot of
organization. An IDS may possibly apply anomaly based techniques, signatures,
or together. Alerts are any kind of user announcement for an intruder action.
When IDS detects an intruder, it informs the security supervisor about this by
means of alerts. These alerts may be in the form of logging to a console, pop-up
windows, sending e-mail and so on. It is an unrelenting active attempt in
discovering or detecting the presence of intrusive activities. As Intrusion
discovery (ID) relates to computers and network communications it
encompasses a far broader range. All processes recommended by it, to which
are used in discovering or detecting illegal uses of network or computer devices.
This is achieved by the use of purposely deliberate software with a lone reason
of detecting abnormal or irregular movement. Depending ahead the network
topology, we can place intrusion discovery systems at one or more locations. It
also depends upon the type of intrusion behavior we want to notice: interior,
exterior or both. For instance, if we wish to detect only exterior intrusion
behavior, and we have only single router linking to the Internet, then the finest
position for an intrusion discovery system may be just inside the firewall or a
router. If numerous paths exist toward the Internet, then we want to position one
IDS package at every entrance point. But if we want to discover interior threats
as well, then a box should be placed in every network section.
29
3.1 Basic architecture of IDS
One of the approaches of developing a network safety is to describe network
behavior structure that point out offensive use of the network and also look for
the occurrence of those patterns. While such an approach may be accomplished
of detecting different types of known intrusive actions, it would allow new or
undocumented types of attacks to go invisible. As a result, this leads to a system
which monitors and learns normal network behavior and then detects deviations
from the normal network behavior.
Fig 1: Basic architecture of IDS
30
4
3.1.1 Data Sampling:
The first step in collecting data is to find exactly what type of data should
be collected. Because of the objective of this project is going towards intrusion
detection at the network level, a natural choice for data transmission is the
network transmission packet. The network gives two types of information to
study: transport information and user information, but for this only transport
information is selected. Transport data information contains a structured pair of
source and destination. It also consists of some type of checksum on which the
integrity of a packet is determined. Transport information is added to the packet
as a part of the network transmission protocol. Transport information which
cannot be made deceptive by fraudulent user is called as unbiased data. The user
information contains information that is going to be transformed from one
machine to another. This can be easily modified by fraudulent user and hence
we call it as biased data. The next stair in collecting data is to design a device
for monitoring network packets. Since finding an intrusion is not reliant on any
particular method used to check packets, any method that’s capable of obtaining
a suitable data example is acceptable. The last step in collecting is to process it
in such a way that it is distorted into a format which is satisfactory to the
classifier system.
3.1.2 Data Preprocessing:
There are some values which are important to classifier. These are as given:
Packet size value,
31
5
timestamp value,
Ethernet source-destination ordered pair.
There are 2 reasons for preprocessing data:
1) In the case of packet sizes and source and destination address, the raw
data can be compacted without loss of relevant information. This results
in data which is easier to manipulate for classifier system. Also, this data
requires less disk storage space.
2) In the part of time stamp information, the basic second count provided is
greater than before so as to comprise relative information of day of week
and hour of day. This allows for the structure of network performance
which is depends on human temporal patterns.
3.1.3 Classifier system:
The classifier scheme is a similar, law based, message passing system. All rules
are of the type action form. This action form is receipt of the messages and the
action is the sending of messages when the rule is satisfied. All messages hold a
tag specifying their source and an extra information field.
32
Fig 2: A classifier system consists of four parts:
1) An input interface
In this case an input interface is a message that contains information
taken from a 4-tuple describing an individual packet information.
2) The classifiers
The classifiers are the rules which describe the behavior in which the
system operates and creates messages.
3) The list of message
The message list is a directory of all messages yet to be measured by the
classifier policy. The messages possibly will from fulfilled rules or from
input interface.
4) The output interface
33
6
An output interface is message signifying whether recent network
performance is supposed to be regular or irregular.
Consider a simple example of how classifier system works. Suppose that
transmission of packets, each of size 100, were being considered as an indicator
of normal network behavior and anybody interested in the number of packets of
size 100 over a one second period needs to evaluate 5, 50 and 150 as possible
threshold of abnormality.
Then there are three classifier rules:
1) Rule 1 would examine all mails from the input interface. It would now use
the size and time values in those messages to maintain a count of packets of
size 100 over a sliding time window of one second. After giving out an input
message it will set on the message list a message of its own with the
simplified count for the final second.
2) Rule 2 observes all messages set on the message list by Rule1. In case the
present count of packets of size 100 above the last second exceeds 5 then
Rule 2 in turn puts message on the list of message notifying that its threshold
has been crossed.
3) Rule 3 and 4 reads all mails having from Rule1 and if the current count
exceeds their particular threshold of 50 and 150 they too put messages on the
list of message.
The productivity interface attends to all messages from Rule2,3,4.when any of
those rules have excited and put a message on the list demonstrating that its
34
threshold has been exceeded, then the output interface will inform the
surroundings that the rule is predicting the occurrence of abnormal behavior.
3.1.4 Types of IDS:
Intrusion discovery systems can be broken down up into 3 major categories:
1. Host-based Systems: is a system in which an IDS examines data that
comes straight from individual systems, or computers (hosts), it is host-
based. Examples of data sources include event logs for and applications
(Web servers, database products, etc).
2. Network-based Systems: When IDS observes data as it moves crossways
the network, such as TCP/IP traffic, it is called as network based.
3. Hybrid Systems: A hybrid scheme is just an IDS that has features of both
network based scheme and host based scheme.
3.2 System Overview
Since the introduction of the Internet, intrusion attempts on Network Systems
have increased to a great extent. With increase in security measures, there have
been clever attacks by much more sophisticated attackers. Because of this
Network Intrusion Detection Systems (NIDS) have become increasingly
necessary in today’s scenario. In the current scenario if you have internet, then
firewall as well as network intrusion detection system is essential.
There is already a number of "ready to run" i.e.
35
7
software option available which try to provide some measure of network
security. An intrusion in computer networking terms is defined as someone
(hacker, cracker) trying to bypass security protocols and infiltrate a network
system. The impulse behind this could be something as small as misusing e-
mail for spam, stealing confidential data, or any number of things for which a
system administrator could be held responsible. Evidences have shown that
these attacks are becoming more intelligent, subversive and harmful. It has
become certain that anyone accountable for a network with an Internet presence
is now a potential target, and intrusion detection systems are quickly becoming
an essential necessity.
3.2.1 Beginning
A USAF paper available in Oct 1972 written via James P. Anderson explained
the fact that the USAF had "become ever more aware of computer security
problems. This difficulty was felt practically in every part of USAF workings
and administration". During that period of time, USAF had to perform the
daunting tasks of providing shared used of their computer systems, which
consisted of various levels of classifications in a need to know environment
with a user base containing various levels of security clearance.
Thirty years ago, this created a
serious problem that still exists with us today. The problem is: How to safely
protect separate classification domains on the same network without any
36
8
compromise in security? The first task was to find and define the threats that
existed. Before designing IDS, it was necessary to understand and comprehend
the types of threats and attacks that could be mounted against computers
systems and how to recognize them in an audit data. In fact, it was possibly
referring to the necessity of a risk evaluation plan to understand the threat (what
the risks are or vulnerabilities, what the attacks might be or the means of
penetrations) thus subsequent with the creation of a security policy to protect
the systems in place. Among 1984 and 1986, Dorothy Denning and Peter
Neumann examined and designed the first model of real-time IDS. This trial
product was named the Intrusion discovery Expert scheme (IDES). This IDES
was originally a rule-based specialist system skilled to detect known cruel
movement. This same system has been developed and improved to form what is
identified today as the Next Generation Intrusion discovery Expert scheme
(NIDES).The report published by James P. Anderson and the work on the IDES
was the start of much of the research on IDS throughout the 1980s and
1990s.An intrusion detection system (IDS) is a system designed to
systematically detect host attacks on a network. These systems provide a
secondary, passive level of security by providing the administrator with critical
information about intrusion attempts. Datagram’s are simply the packet bundles
of information that computer systems use to communicate with each other over
the network. Typically an IDS is not intended to block or actively counter
attacks, but some newer systems have an active capacity for dealing with
37
threats. Indeed, a very knowledgeable human being should be watching and
making value judgments on the 'alerts' that the IDS has presented him or her
with. While firewalls can be thought of as a border or security perimeter, IDS
should detect whether that border has been reached .Under no circumstances
does an IDS guarantee security, but with proper policies, authentication, and
access control, some measure of security can be attained.
3.2.2 Types of IDS
3.2.2.1 Host-Based
Host-based approaches detect intrusions utilizing audit data that are collected
from the target host machine.
As the information given by the review data can be tremendously inclusive and
complicated, host based approaches can acquire high discovery rates and low
false alarm rates.
However, there are disadvantages for host-based approaches, which include the
following:
1) Host-based approaches cannot easily prevent attacks: when an
intrusion is detected, the attack has partially occurred.
2) Audit data may be altered by attackers, influencing the reliability of review
data.
38
9
The data from a solo host is used to notice symbols of interruption as the
packets Enters or exits the host. Host-based systems are becoming more and
more popular due to their effectiveness at handling insider misuse. This is
mostly due to the IDS assembly data (log files) from each dangerous machine
within the network, while network based systems can only analyses the data that
passes by a exacting network node.
Host based scheme stand out at stopping the following:
Data Access/Modification: The makeup of mission critical data is
different for every organization, but includes things like the Web site,
customer or member databases, proposal information, and personnel
records. By observance an eye on the access of this data and taking note
of changes, host based IDS’s are superior at significant when something
altered that should not have.
Abuse of Privilege: This is probably one of the most serious problems in
most organizations, and an area where host-based IDS’s excel. By
observing track of changes to permissions, the host based scheme can
inform safety personnel when the doors are swinging too large. In adding
up, most host based scheme allow safety admin to get a rapid view of the
privileges that survive across their organization, and can ensure that
people like past employees are detached from all systems.
39
Network-Based
Network-based approaches detect intrusions using the IP package information
collected by the network hardware such as switches and routers. Such
information is not so plentiful as the review data of the objective host machine.
Nevertheless, there are advantages for network based approaches, which include
the following:
1) Network-based approaches can detect the so-called “distributed” intrusions
over the whole network and thus lighten the burden on each individual host
machine for detecting intrusions.
2) Network-based approaches can defend the machine against attack, as
detection occurs before the data arrive at the machine.
The information from a network is scrutinized next to a database and it flags
those who look doubtful. Review data from one or more than a one hosts may
be used as well to detect symbols of intrusions. Network based systems focus on
observing the network packets, by sniffing them, which means that they proof
traffic as it goes by. Some IDS's of this type can be installed in more than one
location, which is usually referred to as a Distributed IDS. Network-based IDS's
tend to be less expensive than their host based cousins, as they typically only
need to be installed near the entry/exit point of the network.
40
10
Network-based systems do extremely well at stranger attacks, and focus on
catching people before they are authenticated. Areas where they will be good at
comprise stopping the following:
DOS & Packet Manipulation: A denial of service (DOS) attack is when
someone sends an overload of network packets to a single resource,
causing it to either crash or become so slow as to be unresponsive. A
more advanced version is the Distributed Denial of Service attack, in
which multiple computers all attack the resource simultaneously. Many
network attacks involve sending network packets that are of incorrect size
or configuration, which often causes the targeted resource to crash.
Network-based IDS’s, because they can process huge amounts of network
traffic and sit in an optimal location, are excellent for blocking such
attacks. However, note that they can also be a prime target for these
attacks.
Unauthorized Use: This is the most common attack type that people think
of when they hear about IT security. Network-based IDS’s are ideal for
tracking unauthorized access, meaning intruders that are attempting to
login to a machine without the proper credentials, compromise a machine
to create a jump-off point, and those that are looking to grab passwords or
data.
41
42
