Types of IDSs and Detection Methods, Computer Network Security

Types of IDSs and Detection Methods

IDSs operate as network-based, host-based, or application-based systems and are focused on protecting network information assets. All IDSs use one of two detection methods: signature-based or statistical anomaly-based.

Signature-Based IDS / Knowledge-Based IDS


A signature-based IDS examines data traffic in search of patterns that match known signatures. It is extensively used because many attacks have very clear and distinct signatures. The problem with this approach is that, as new attack strategies are identified, the IDS's database of signatures must be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly-based IDS, or behavior-based IDS, samples network activity and compares it to traffic that is known to be normal. When measured activity falls outside the baseline parameters, or clipping level, the IDS triggers an alert to the administrator. Because it compares against a baseline rather than a signature database, it can also detect new types of attacks. It requires more overhead and processing capacity than the signature-based type. It may generate several false positives and is therefore less commonly used than the signature-based type.
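The two detection methods described above, run side by side over the same traffic, as an added example that is not part of the original page. The signature patterns, request lines, per-minute rates and the choice of mean plus three standard deviations as the clipping level are all constructed assumptions.

```python
import re
import statistics

# Constructed signature database (illustrative patterns, not a real ruleset).
SIGNATURES = {
    "sql-injection": re.compile(r"union\s+select", re.I),
    "path-traversal": re.compile(r"\.\./\.\./"),
}

def signature_alerts(requests):
    """Return (index, signature name) for each request matching a known signature."""
    return [(i, name) for i, req in enumerate(requests)
            for name, pat in SIGNATURES.items() if pat.search(req)]

def clipping_level(baseline, k=3.0):
    """Upper bound of normal activity: baseline mean + k standard deviations."""
    return statistics.mean(baseline) + k * statistics.stdev(baseline)

def anomaly_alerts(baseline, observed, k=3.0):
    """Return indexes of intervals whose measured rate exceeds the clipping level."""
    limit = clipping_level(baseline, k)
    return [i for i, rate in enumerate(observed) if rate > limit]

# Constructed request lines seen by the sensor.
REQUESTS = [
    "GET /index.html",
    "GET /item?id=1 UNION SELECT password FROM users",
    "GET /download?f=../../etc/passwd",
    "POST /api/v2/export?fmt=%7Bnew-technique%7D",  # novel attack: no signature yet
]
# Constructed requests-per-minute: training window, then monitored intervals.
BASELINE_RPM = [98, 102, 101, 97, 103, 99, 100, 104, 96, 100]
OBSERVED_RPM = [101, 99, 450, 100, 180]  # 450: novel attack burst, 180: benign backup job

if __name__ == "__main__":
    # Signature engine catches the two known patterns and misses request 3.
    print("signature alerts:", signature_alerts(REQUESTS))
    # Anomaly engine flags the unknown attack (interval 2) and also the
    # benign backup job (interval 4), which is a false positive.
    print("clipping level: %.1f rpm" % clipping_level(BASELINE_RPM))
    print("anomaly alerts:", anomaly_alerts(BASELINE_RPM, OBSERVED_RPM))
```

The signature engine stays silent on the request it has no pattern for until its database is updated, while the anomaly engine catches the unfamiliar burst at the cost of also alerting on legitimate but unusual activity.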

Posted Date: 10/9/2012 3:42:53 AM | Location : United States






