Types of idss and detection methods, Computer Network Security

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.

Posted Date: 10/9/2012 3:42:53 AM | Location : United States







Related Discussions:- Types of idss and detection methods, Assignment Help, Ask Question on Types of idss and detection methods, Get Answer, Expert's Help, Types of idss and detection methods Discussions

Write discussion on Types of idss and detection methods
Your posts are moderated
Related Questions
Problem 1: What does the SNMP access policy show? SNMP community diagram SNMP access policy Problem 2: Does there exist any formal functional specificat

How much would it cost to have a project completed by tomorrow night?

You are designing a Demilitarized zone for a large corporation. Using design best practice, and the information that you have learned so far, propose a design that will provide the

Network diagram for a mediacal care

Stateless Packet Filtering Stateless or static packet filtering is the most straightforward kind of packet filtering that allows or disallows data transfer based on the addres

IP DATAGRAM HEADER FORMAT:  It is given in the figure below:   In the table: VERS denotes the version of IP. H.LEN denotes the header length in units of

Implementing an effective online authentication scheme in practice faces many challenges. Systems with highly sensitive data often require multifactor authentication. But, requirin

on LAN,where are IP datagrams transported?

In broadcast topology there are further two types 1) SATELLITE\RADIO 2) RING TOPOLOGY In a radio or satellite topology every computers are connected to each other via radio o

crack the secret message and explain how the code works. The clue is that it has something to do with the computer keyboard. J-Q-H-6 Q-E-F-Q-H-D-3-W 8-H 5-Y-3 7-W-3 9-R--D-9-J