Types of idss and detection methods, Computer Network Security

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.

Posted Date: 10/9/2012 3:42:53 AM | Location : United States







Related Discussions:- Types of idss and detection methods, Assignment Help, Ask Question on Types of idss and detection methods, Get Answer, Expert's Help, Types of idss and detection methods Discussions

Write discussion on Types of idss and detection methods
Your posts are moderated
Related Questions
(a) Using the extended Euclidean algorithm, find the multiplicative inverse of 504 mod 67. (b) Decrypt the following ciphertext, which has been encrypted using Caesar cipher:

Question: a) You are using Active Directory Users under Windows Server 2003 and Computers to configure user objects in your domain, and you are able to change the address and

Problem (a) Using Vigenère cipher and given the key abc, find the ciphertext for the message: simplicity Only the 26 lower-case alphabetical characters are used in messa


RING TOPOLOGY In this topology of network the devices are connected to each other in packed loop. In this network first computer passes data packet to the second and then seco

Example : Softbank – theft of consumer data for extortion Softbank of Japan offers broadband Internet services across Japan through 2 subsidiaries – Yahoo! BB and Softbank BB. I

Spambot Detection: The  previous studies in this field  have focused on content and meta-content based features.  The main assumption in this area of spam detection of late is

What do you understand by the DNS? Explain the usage of the resource rec or ds. Domain Name System is described below: The Domain Name Service (DNS) is the hierarchi

how can i start thesis? Please mention so of examples?

Problem (a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a TCP segment. The second screen capture is from the data portion of the frame.