Types of idss and detection methods, Computer Network Security

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.

Posted Date: 10/9/2012 3:42:53 AM | Location : United States







Related Discussions:- Types of idss and detection methods, Assignment Help, Ask Question on Types of idss and detection methods, Get Answer, Expert's Help, Types of idss and detection methods Discussions

Write discussion on Types of idss and detection methods
Your posts are moderated
Related Questions
(a) (i) If m = p·q·r where p, q, and r are prime numbers, what is Φ(m)? (ii) Therefore, Determine Φ(440). (b) Describe the following terms as used in cryptography: (i)

BALANCING SECURITY AND ACCESS Even with best planning and implementation, it is impossible to obtain perfect security, that is, it is a process, not an absolute. Security should

(a) Describe RSA encryption. (b) For an RSA encryption the values of the primes are: p=29, q=31. select e=11, evaluate the public and private keys. (c) How can RSA be used fo


Question : Environmental Accounting is a means for businesses to fulfill their responsibilities for accountability to stakeholders. (a) What do you understand by Environment

Question: Human telephone conversations are characterized by irregular pauses, alternating with irregular bursts of speech. In contrast, communication via computers is char

Question: (a) Which type of attacker represents the most likely and most damaging risk to your network? (b) What is the basic reason that social engineering attacks succeed?

Example : Softbank – theft of consumer data for extortion Softbank of Japan offers broadband Internet services across Japan through 2 subsidiaries – Yahoo! BB and Softbank BB. I

how can you enter the ASVAB practice test on line?

Limitations of firewall Firewalls cannot protect a network if security rules are not followed properly by an organization or if the rules are not defined properly. Firewalls ar