Types of idss and detection methods, Computer Network Security

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.

Posted Date: 10/9/2012 3:42:53 AM | Location : United States







Related Discussions:- Types of idss and detection methods, Assignment Help, Ask Question on Types of idss and detection methods, Get Answer, Expert's Help, Types of idss and detection methods Discussions

Write discussion on Types of idss and detection methods
Your posts are moderated
Related Questions
QUESTION (a) Define and distinguish between Electronic Commerce and Electronic Business (b) According to you what are the benefits that Electronic Commerce can brings to org

IPV6 NEXT HEADER It is given in the figure below:

Techniques for combating Spam mails Many anti spam products are commercially available in market. But it should also be noted that no  one technique is a complete solution to

Suppose you are working for one of the leading credit reporting agencies that manages users' credit rating info with different financial institutions.  The company wishes to implem

SDLC Systems development life cycle (SDLC) is process of developing information systems through analysis, design, investigation, implementation and maintenance. SDLC is called as

Question An organization is planning to connect its networks to the Internet. The network is located within a four story building. A web server supporting online sales is also

Application-Based IDS Application-based IDS (AppIDS) is an advanced version of HIDS. It examines application for abnormal events. The ability to view encrypted data is the uniqu

Question: (a) State whether the following statements are TRUE or FALSE. Justify your answer. i. A good site security policy will require that users use computer generated p

The Security Systems Development Life Cycle (SecSDLC) The same phases which is used in traditional SDLC can be adapted to support specialized implementation of IS project,At its

Q1 (15 marks, 5 marks each part): This question has three parts: In a short paragraph (200-300 words) explain the fundamentals of Packet Switching and how it works. In a short pa