Host-based ids, Computer Network Security

Assignment Help:

Host-Based IDS

A host-based IDS (HIDS) resides on a particular computer or server and monitors activity only on that system. HIDS also called as system integrity verifiers as they benchmark and monitor the status of key system files and detect when intruder creates, modifies, or deletes files. It is efficient enough to monitor system configuration databases. Most of the HIDSs work on principle of configuration or change in management. The HIDS examines the files and logs for predefined events. The advantage of HIDS over NIDS is which it can be installed usually so that it can access information encrypted when traveling over network.

Advantages and Disadvantages of HIDSs

Advantages

-Can detect local events on host systems and detect attacks that may elude a network based IDS
- Functions on host system, where encrypted traffic will have been decrypted and is available for processing.
-Not affected by use of switched network protocols
-Can detect inconsistencies in how applications and systems programs were used by examining records stored in the audit logs.

Disadvantages

-Pose more management issues
-Vulnerable both to direct attacks and attacks against host operating system
-Does not detect multi host scanning, nor scanning of non-host network devices
-Susceptible to some denial of service attacks
-Can use large amounts of disk space
-Can inflict a performance overhead on its host systems


Related Discussions:- Host-based ids

Discuss a communication channel, Question An organization is planning t...

Question An organization is planning to connect its networks to the Internet. The network is located within a four story building. A web server supporting online sales is also

Classification of networks, Computer networks are defined by four factors w...

Computer networks are defined by four factors which are as given below: 1) NETWORK SIZE: According to the size of networks. 1) Local Area Network ( LAN) 2) Wide Area Ne

Elliptic Curves, #questioAn elliptic curve y^2=x^3+ax+b(mod29) includes poi...

#questioAn elliptic curve y^2=x^3+ax+b(mod29) includes points P=(7, 15) and Q=(16, 13) a)Determine the equation of the crve b) Determine all values of x for which there is no point

The effect the incident has on your business, QUESTION There are gener...

QUESTION There are generally five factors that will influence how you respond to computer security incidents- The effect the incident has on your business Legal issue

Computer forensic, discuss the merits and demerits of computers freezing

discuss the merits and demerits of computers freezing

Describe phishing attacks, QUESTION (a) (i) Describe Phishing attacks. ...

QUESTION (a) (i) Describe Phishing attacks. (ii) Distinguish between Phishing and Spear Phishing attacks. (b) Describe two instances where an attacker sniffing on a netwo

Calculate the false rejection, Divide the user data into 6 equal sets. Use ...

Divide the user data into 6 equal sets. Use the first set for the enrollment phase of your system, and the rest for the verification phase. Use the following formula to calculate t

Explain what is a broadcast storm, QUESTION: (a) Ethernet has grown in ...

QUESTION: (a) Ethernet has grown in popularity in the recent years and is now used in LANs. Give three reasons for the success behind Ethernet. (b) Ethernet uses the CSMA/CD

Udp datagram format, UDP DATAGRAM FORMAT: It is given in the figure be...

UDP DATAGRAM FORMAT: It is given in the figure below:

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd