Application-based ids, Computer Network Security

Application-Based IDS

Application-based IDS (AppIDS) is an advanced version of HIDS. It examines application for abnormal events. The ability to view encrypted data is the unique advantage ofAppIDS. It may be configured to the following types of intercept requests and use them in combination and sequences.

-File System
-Network Configuration
-Execution Space

Advantages and Disadvantages of AppIDSs


-Aware of specific users and can observe interaction between application and user
-Able to operate when the incoming data is encrypted


-It is more susceptible to attack
-It is less capable of detecting software tampering
- Can be taken in by forms of spoofing

Posted Date: 10/9/2012 3:46:37 AM | Location : United States

Related Discussions:- Application-based ids, Assignment Help, Ask Question on Application-based ids, Get Answer, Expert's Help, Application-based ids Discussions

Write discussion on Application-based ids
Your posts are moderated
Related Questions
Write down the short notes on VTR.  Communication between different types of the equipment and software is made possible by making use of the networks. Full-screen text editor is s

A Network is described as a system for connecting computers using a single transmission technology. The computers can interact with each other in a network. They can receive an

Write Pseudocode for the password guessing algorithm: Consider the following authentication protocol: Client Transmission Host

For simplicity, each character is regarded as one data packet, which means that the data in each packet should have the max length of only 1 byte. Your own packet header (not th

Problem 1: List measurable entities on which the quality of service in a data communication network depends Problem 2: Show the features of a typical Network Management

QUESTION 1 Risk analysis helps companies prioritize their risks and shows management the amount of money that should be applied to protecting against those risks in a sensib

ADDRESS RESOLUTION PROTOCOL (ARP) TCP/IP can use any of the three address resolution functions relaying on the addressing procedure used by the underlying hardware. To guarant

Digital Certificates Digital Certificates are electronic document having key value and identifying information about entity which controls key. Digital signature which is attach

In this section, you should create a program that emulates a GBN node. Two GBN nodes will be running to send packets to each other through the UDP protocol. For emulation purpose,

(a) Which PKI (Public Key Infrastructure) model is typically favored by business organization? (b) Give one possible use of the "extensions" field of an X.509 certificate