Types of idss and detection methods, Computer Network Security

Assignment Help:

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.


Related Discussions:- Types of idss and detection methods

E-commerce, briefly expslain type of e-commerce

briefly expslain type of e-commerce

Components of an information system, COMPONENTS OF AN INFORMATION SYSTEM ...

COMPONENTS OF AN INFORMATION SYSTEM The components of an information system are software, data, hardware, people, procedures and Networks. These 6 components are critical to ena

Access control devices-cryptography, ACCESS CONTROL DEVICES Successful a...

ACCESS CONTROL DEVICES Successful access control system includes number of components, which depends on system’s requirements for authentication and authorization. Powerful auth

What is an autonomous system, QUESTION 1: a) Differentiate between a r...

QUESTION 1: a) Differentiate between a routing protocol and a routed protocol. b) Describe any three design goals of Routing protocols. c) Lists some of the features shared

Guided media, Guided Media These are those that give a conduit from on...

Guided Media These are those that give a conduit from one machine to another that add twisted-pair, fiber-optic cable and coaxial cable. A signal traveling along any of these

Intrusion detection and classification, i want to detec and classify networ...

i want to detec and classify network anomaly detection based on KDD99 data set using swarm intelligence

Limitations of firewall, Limitations of firewall Firewalls cannot prote...

Limitations of firewall Firewalls cannot protect a network if security rules are not followed properly by an organization or if the rules are not defined properly. Firewalls ar

Log file monitors-information security, LOG FILE MONITORS Log file monit...

LOG FILE MONITORS Log file monitor (LFM) is similar to NIDS. It reviews log files generated by servers, network devices, and even other IDSs for patterns and signatures. Pattern

Fragmentation format, FRAGMENTATION Fragmentation information is kept...

FRAGMENTATION Fragmentation information is kept in different extension header.  Every fragment has base header and fragmentation header. Whole datagram including original hea

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd