Host-based ids, Computer Network Security

Host-Based IDS

A host-based IDS (HIDS) resides on a particular computer or server and monitors activity only on that system. HIDS also called as system integrity verifiers as they benchmark and monitor the status of key system files and detect when intruder creates, modifies, or deletes files. It is efficient enough to monitor system configuration databases. Most of the HIDSs work on principle of configuration or change in management. The HIDS examines the files and logs for predefined events. The advantage of HIDS over NIDS is which it can be installed usually so that it can access information encrypted when traveling over network.

Advantages and Disadvantages of HIDSs


-Can detect local events on host systems and detect attacks that may elude a network based IDS
- Functions on host system, where encrypted traffic will have been decrypted and is available for processing.
-Not affected by use of switched network protocols
-Can detect inconsistencies in how applications and systems programs were used by examining records stored in the audit logs.


-Pose more management issues
-Vulnerable both to direct attacks and attacks against host operating system
-Does not detect multi host scanning, nor scanning of non-host network devices
-Susceptible to some denial of service attacks
-Can use large amounts of disk space
-Can inflict a performance overhead on its host systems

Posted Date: 10/9/2012 3:45:22 AM | Location : United States

Related Discussions:- Host-based ids, Assignment Help, Ask Question on Host-based ids, Get Answer, Expert's Help, Host-based ids Discussions

Write discussion on Host-based ids
Your posts are moderated
Related Questions
(a) (i) Bob has public RSA key (n = 77, e = 7). Show that Bob's private key is (d = 43). (ii) Alice wants to send the message m = 13 to Bob. She encrypts the message usi

Computer networks is a complex subject due to the given reasons: MANY DIFFERENT TECHNOLOGIES EXIST: The first reason for the complexity of networks is that there are s

UDP ENCAPSULATION As given in the figure below, UDP packet is included in IP datagram and the IP datagram is then attached in the Frame.

An injunction to 'think ethically' about a situation is not helpful. Perhaps if one has a background in moral philosophy this would work, but usually both students and IT professio

how would land elevation have canged if coronado had traveled 150 miles due west from what is today arizona instead of west toward new mexico

Question: Quality management standards are seen as a major pillar supporting the drive for continuous quality improvement through TQM. (a) What do you meant by the term ‘Qua

Question: (a) What do you meant by the term diffusion and confusion? Explain how diffusion and confusion can be implemented. (b) Distinguish between authorisation and auth

project on ensuring data securities on cloud computing

LEGAL, ETHICAL AND PROFESSIONAL ISSUES To minimize liabilities and reduce risks, information security practitioner should: •    to understand current legal environment •    to s

Bridges perform both in the data link layers and physical of LANs of same kind. They split a bigger network in to smaller segments. They have logic that accept them to store the