Host-based ids, Computer Network Security

Assignment Help:

Host-Based IDS

A host-based IDS (HIDS) resides on a particular computer or server and monitors activity only on that system. HIDS also called as system integrity verifiers as they benchmark and monitor the status of key system files and detect when intruder creates, modifies, or deletes files. It is efficient enough to monitor system configuration databases. Most of the HIDSs work on principle of configuration or change in management. The HIDS examines the files and logs for predefined events. The advantage of HIDS over NIDS is which it can be installed usually so that it can access information encrypted when traveling over network.

Advantages and Disadvantages of HIDSs

Advantages

-Can detect local events on host systems and detect attacks that may elude a network based IDS
- Functions on host system, where encrypted traffic will have been decrypted and is available for processing.
-Not affected by use of switched network protocols
-Can detect inconsistencies in how applications and systems programs were used by examining records stored in the audit logs.

Disadvantages

-Pose more management issues
-Vulnerable both to direct attacks and attacks against host operating system
-Does not detect multi host scanning, nor scanning of non-host network devices
-Susceptible to some denial of service attacks
-Can use large amounts of disk space
-Can inflict a performance overhead on its host systems


Related Discussions:- Host-based ids

Address resolution protocol (arp), ADDRESS RESOLUTION PROTOCOL (ARP) T...

ADDRESS RESOLUTION PROTOCOL (ARP) TCP/IP can use any of the three address resolution functions relaying on the addressing procedure used by the underlying hardware. To guarant

Routers, Routers They transfer packets among multiple interconnected n...

Routers They transfer packets among multiple interconnected network machines (i.e. LANs of different kind). They perform in the data link, physical and network layers. They ha

Need for security-information security, NEED FOR SECURITY Primary missio...

NEED FOR SECURITY Primary mission of information security to ensure that the systems and contents stay the same If no threats, could focus on improving the systems, resulting in

The Security Systems Development Life Cycle (SecSDLCtle.., #Under what circ...

#Under what circumstances would the use of a SecSDLC be more appropriate than an SDLC?

Risk identification-information security, Risk Identification Risk manag...

Risk Identification Risk management comprises of identifying, classifying and prioritizing organization’s information assets, threats and vulnerabilities also. Risk Identificati

What do you meant by the term diffusion and confusion, Question: (a) W...

Question: (a) What do you meant by the term diffusion and confusion? Explain how diffusion and confusion can be implemented. (b) Distinguish between authorisation and auth

Techniques for combating spam mails, Techniques for combating Spam mails ...

Techniques for combating Spam mails Many anti spam products are commercially available in market. But it should also be noted that no  one technique is a complete solution to

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd