Types of idss and detection methods, Computer Network Security

Assignment Help:

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.


Related Discussions:- Types of idss and detection methods

Draw the waveform for an asynchronous transmission, Question: (a) Draw...

Question: (a) Draw the waveform for an asynchronous transmission with the following specifications: Character "H", one even parity bit, one start bit, one stop bit, and a b

Risk determination, Risk Determination For purpose of relative risk asse...

Risk Determination For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an elem

Explain the random key distribution, Q. Explain the random key distribution...

Q. Explain the random key distribution? The triple key management mechanisms ensure a better and complete security solution using the random key distribution mechanism. In this

Elliptic Curves, #questioAn elliptic curve y^2=x^3+ax+b(mod29) includes poi...

#questioAn elliptic curve y^2=x^3+ax+b(mod29) includes points P=(7, 15) and Q=(16, 13) a)Determine the equation of the crve b) Determine all values of x for which there is no point

Public key cryptosystem based on rsa technology, Problem: (a) What is ...

Problem: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

Who are the individuals who cause these security problems, Who are the indi...

Who are the individuals who cause these security problems? Many unauthorized people who cause network security problems for obtaining information about the other users and causi

Advantages and disadvantage of packet filtering firewall, Advantages and Di...

Advantages and Disadvantage of Packet Filtering firewall   Advantages One screening router can help protect entire network One key advantage of packet filter

Spambot detection - spam mail, Spambot Detection: The  previous studie...

Spambot Detection: The  previous studies in this field  have focused on content and meta-content based features.  The main assumption in this area of spam detection of late is

Computer fundamentals, Ask You have been asked by a new client to assist i...

Ask You have been asked by a new client to assist in setting up a new computer for her coffee shop. She has just purchased the newest Apple computer from an online site. Should wou

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd