Host-based ids, Computer Network Security

Assignment Help:

Host-Based IDS

A host-based IDS (HIDS) resides on a particular computer or server and monitors activity only on that system. HIDS also called as system integrity verifiers as they benchmark and monitor the status of key system files and detect when intruder creates, modifies, or deletes files. It is efficient enough to monitor system configuration databases. Most of the HIDSs work on principle of configuration or change in management. The HIDS examines the files and logs for predefined events. The advantage of HIDS over NIDS is which it can be installed usually so that it can access information encrypted when traveling over network.

Advantages and Disadvantages of HIDSs

Advantages

-Can detect local events on host systems and detect attacks that may elude a network based IDS
- Functions on host system, where encrypted traffic will have been decrypted and is available for processing.
-Not affected by use of switched network protocols
-Can detect inconsistencies in how applications and systems programs were used by examining records stored in the audit logs.

Disadvantages

-Pose more management issues
-Vulnerable both to direct attacks and attacks against host operating system
-Does not detect multi host scanning, nor scanning of non-host network devices
-Susceptible to some denial of service attacks
-Can use large amounts of disk space
-Can inflict a performance overhead on its host systems


Related Discussions:- Host-based ids

Explain the operation of the matchmaker middle agent, Question 1: (a) E...

Question 1: (a) Explain the operation of the "matchmaker" middle agent. (b) Describe why broker middle agents are more efficient in terms of the time taken for a service to

Define protocol, For simplicity, each character is regarded as one data pac...

For simplicity, each character is regarded as one data packet, which means that the data in each packet should have the max length of only 1 byte. Your own packet header (not th

Venn Diagram Problem, Students were asked about search engine they used.90 ...

Students were asked about search engine they used.90 of them said they used google chrome,70 used Internet Explorer,40 used Mozilla Firefox,30 used Google Chrome and Internet Explo

Evaluations, Evaluations, Assessment, and Maintenance of Risk Controls W...

Evaluations, Assessment, and Maintenance of Risk Controls When the control strategy has been implemented, it should be monitored and measured on an ongoing basis to determine ef

Illustrate about tinysec protocol, Illustrate about TinySec Protocol T...

Illustrate about TinySec Protocol TinySec is implemented on the link layer and addresses security requirements of the resource staffed nodes in the WSN based on the link layer

Security goals, what is relation ship between computer security goals?

what is relation ship between computer security goals?

CNSS, Assume that a security model is needed for the protection of informat...

Assume that a security model is needed for the protection of information in your class. Using the CNSS model, examine each of the cells and write a brief statement on how you would

encrypt and decryption using rsa with the prime numbers, Problem (1) -...

Problem (1) - Alice, Bob and Charlie have a secret key a=3, b=4, c=5, respectively. - They want to find a common secret key using Diffie-Hellan key exchange protocol (with g

Sequential label and supply, What questions should Iris ask Charlie about t...

What questions should Iris ask Charlie about the new job, about Kelvin''s team, and about the future of the company?

Ring topology, RING topology all computers are connected in loop. A ring ...

RING topology all computers are connected in loop. A ring topology is a network topology in which every node connects to exactly two other devices, forming a single continuous pa

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd