Types of idss and detection methods, Computer Network Security

Assignment Help:

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.


Related Discussions:- Types of idss and detection methods

Compare the suitability and properties of isdn and adsl, Question : An a...

Question : An aircraft manufacturing company is considering linking the network of one of its offices to the network of its Headquarter using either xDSL or ISDN. i. Compare

Draw the waveform for an asynchronous transmission, QUESTION: (a) For ...

QUESTION: (a) For the bit stream 010011, sketch the waveforms for each of the code indicated. Assume that the signal level for a space in NRZ-L is positive; the signal level f

Understanding a business model of a spammer, The first and foremost need of...

The first and foremost need of  any business is a role to perform for its client base, and for the spammer this will typically be the role of advertising products which, due to the

Differences between a hacker and a cracker, Question: (a) Which of the...

Question: (a) Which of the following is not a goal of security: i) detection ii) prevention iii) recovery iv) prosecution (b) You are an honest student. One day you

Introduction to cryptography, INTRODUCTION TO CRYPTOGRAPHY Cryptography...

INTRODUCTION TO CRYPTOGRAPHY Cryptography The word cryptography is derived from Greek words kryptos, which means hidden and graphein, meaning to write, this is the process of

Explain the close procurement project process, Question 1: Why do we ne...

Question 1: Why do we need a Law of Contract? a Explanation Reasons to have a law of contract b Explain the close procurement project process - Explanation (causes,

Encryption key size-cryptography, Encryption Key Size When using ciphers...

Encryption Key Size When using ciphers, the size of crypto variable or key is quite important as the strength of many encryption applications and cryptosystems were measured by

Efforts of advanced research project agency, ADVANCED RESEARCH PROJECT AGEN...

ADVANCED RESEARCH PROJECT AGENCY (ARPA) The efforts of ARPA was to active all its research groups have accept to new era computers. For this purpose ARPA started investing in wa

Packet filtering firewall-stateless packet filtering, Stateless Packet Filt...

Stateless Packet Filtering Stateless or static packet filtering is the most straightforward kind of packet filtering that allows or disallows data transfer based on the addres

Cyber security, How to pretect my computer from attacking

How to pretect my computer from attacking

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd