Types of IDSs and Detection Methods, Computer Network Security

Types of IDSs and Detection Methods

IDSs operate as network-based, host-based, or application-based systems and focus on protecting network information assets. All IDSs use one of two detection methods: signature-based or statistical anomaly-based.

Signature-Based IDS / Knowledge-Based IDS


A signature-based IDS examines data traffic in search of patterns that match known signatures. It is extensively used because many attacks have very clear and distinct signatures. The problem with this approach is that as new attack strategies are identified, the IDS's database of signatures must be updated continually.

Statistical Anomaly-Based IDS


A statistical anomaly-based IDS, also called a behavior-based IDS, samples network activity and compares it to traffic that is known to be normal. When measured activity falls outside the baseline parameters, or clipping level, the IDS triggers an alert to the administrator. Because it does not rely on known patterns, it can also detect new types of attacks. However, it requires more overhead and processing capacity than a signature-based IDS, and it may generate several false positives, so it is less commonly used than the signature-based type.
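The two detection methods side by side, as an added example that is not part of the original page. The signature patterns, baseline counts, log lines, and the multiplier `k` are constructed assumptions chosen to show one missed detection and one false positive.

```python
import re
import statistics

# Constructed signature database (illustrative patterns, not a real ruleset).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-injection": re.compile(r"(?i)union\s+select"),
}

# Constructed baseline: requests per source per minute seen during normal operation.
TRAINING_COUNTS = [8, 10, 12, 9, 11, 10, 13, 7]

# Constructed one-minute capture of (source, request) pairs.
EVENTS = (
    [("10.0.0.5", "GET /index.html")] * 9                    # ordinary browsing
    + [("10.0.0.7", "GET /download?file=../../etc/passwd")]  # matches a known signature
    + [("10.0.0.9", "POST /login")] * 40                     # no signature exists for this
    + [("10.0.0.11", "GET /reports/export")] * 25            # legitimate batch job
)

def signature_alerts(events):
    """Signature-based: each distinct (source, signature) whose request matches a known pattern."""
    hits = {(src, name) for src, req in events
            for name, pat in SIGNATURES.items() if pat.search(req)}
    return sorted(hits)

def clipping_level(training_counts, k=3.0):
    """Baseline mean plus k sample standard deviations; k is an assumed tuning value."""
    return statistics.mean(training_counts) + k * statistics.stdev(training_counts)

def anomaly_alerts(events, level):
    """Anomaly-based: each source whose request count exceeds the clipping level."""
    counts = {}
    for src, _ in events:
        counts[src] = counts.get(src, 0) + 1
    return sorted(src for src, n in counts.items() if n > level)

if __name__ == "__main__":
    level = clipping_level(TRAINING_COUNTS)
    print("clipping level:", level)
    print("signature alerts:", signature_alerts(EVENTS))
    print("anomaly alerts:", anomaly_alerts(EVENTS, level))
```

The signature engine reports only 10.0.0.7 and is blind to the high-volume source 10.0.0.9, while the anomaly engine catches 10.0.0.9 but also flags the legitimate batch job on 10.0.0.11 and never sees the single low-volume request from 10.0.0.7.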

Posted Date: 10/9/2012 3:42:53 AM | Location : United States






