Application-based ids, Computer Network Security

Application-Based IDS

Application-based IDS (AppIDS) is an advanced version of HIDS. It examines application for abnormal events. The ability to view encrypted data is the unique advantage ofAppIDS. It may be configured to the following types of intercept requests and use them in combination and sequences.

-File System
-Network Configuration
-Execution Space

Advantages and Disadvantages of AppIDSs

Advantages


-Aware of specific users and can observe interaction between application and user
-Able to operate when the incoming data is encrypted

Disadvantages

-It is more susceptible to attack
-It is less capable of detecting software tampering
- Can be taken in by forms of spoofing

Posted Date: 10/9/2012 3:46:37 AM | Location : United States







Related Discussions:- Application-based ids, Assignment Help, Ask Question on Application-based ids, Get Answer, Expert's Help, Application-based ids Discussions

Write discussion on Application-based ids
Your posts are moderated
Related Questions
Question: (a) Describe the term interference in the space, time, frequency, and code domain. (b) Consider a 1 G - AMPS: 824-849 MHz (forward) ; 869-894 MHz (reverse). B

QUESTION: (a) Ethernet has grown in popularity in the recent years and is now used in LANs. Give three reasons for the success behind Ethernet. (b) Ethernet uses the CSMA/CD

Question 1 a) Explain how CSMA/CD works. b) Describe the term "exponential back-off". c) Describe the differences between "circuit switching" and "packet switching". d) Th

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS Management from all the communities of interest should consider policies as basis for all information security efforts. Polic

The first and foremost need of  any business is a role to perform for its client base, and for the spammer this will typically be the role of advertising products which, due to the

UDP INTERACTION  UDP follows four kinds of interaction 1-to-1: One application can interact with one application. 1-to-many: One application can interact with many

LOG FILE MONITORS Log file monitor (LFM) is similar to NIDS. It reviews log files generated by servers, network devices, and even other IDSs for patterns and signatures. Pattern

Ask question #Minimum.. 100 words accepted#


Question: Network diagrams combine with a set of systematic analysis procedures, serve to remedy the shortcomings of the Gantt chart. Explain the following terms used in the ne