Types of idss and detection methods, Computer Network Security

Assignment Help:

Types of IDSs and Detection Methods

IDSs operate as network based, host based, or application based systems and focused on protecting network information assets. All the IDSs use one of 2 detection methods signature based, statistical anomaly-based.

Signature-Based IDS/ knowledge –based IDS


Signature Based IDS examines data traffic in search of patterns that match known as signatures. It is extensively used because many attacks have very clear and distinct signatures. Problem with this approach is that as new attack strategies are identified, the IDS’s database of signatures should be updated continually.

Statistical Anomaly-Based IDS


The statistical anomaly based IDS or behavior based IDS sample network activity to compare to traffic that is normal. When measured activity is outside baseline parameters or clipping level, IDS will trigger an alert to the administrator. It can also detect new types of attacks. Requires more overhead and processing capacity than signature based. It may generate several false positives and thus is less commonly used than the signature based type.


Related Discussions:- Types of idss and detection methods

Caralouer case study: analysis and design techniques, CarALouer provides re...

CarALouer provides rental of cars to its customer on a regional basis i.e. a car is attached to a regional home-base which also houses a regional office of the company. Each regi

Describe phishing attacks, QUESTION (a) (i) Describe Phishing attacks. ...

QUESTION (a) (i) Describe Phishing attacks. (ii) Distinguish between Phishing and Spear Phishing attacks. (b) Describe two instances where an attacker sniffing on a netwo

Social network development in java , Social Network development in Java: ...

Social Network development in Java: Project Title: SUGGESTLOCAL (Nov 2006-April 2007) Role             : Developer Domain        : Social Network Client          :

Computer fundamentals, Ask You have been asked by a new client to assist i...

Ask You have been asked by a new client to assist in setting up a new computer for her coffee shop. She has just purchased the newest Apple computer from an online site. Should wou

How does message switching operate, Question: Human telephone conversat...

Question: Human telephone conversations are characterized by irregular pauses, alternating with irregular bursts of speech. In contrast, communication via computers is char

Softbank theft of consumer data -information security, Example : Softbank –...

Example : Softbank – theft of consumer data for extortion Softbank of Japan offers broadband Internet services across Japan through 2 subsidiaries – Yahoo! BB and Softbank BB. I

Risk assessment, RISK ASSESSMENT Risk assessment is a step in a risk man...

RISK ASSESSMENT Risk assessment is a step in a risk management technique. Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete

Securing the components-information security, SECURING THE COMPONENTS Co...

SECURING THE COMPONENTS Computer can be subject of an attack or the object of an attack. When subject of an attack, computer is used as lively tool to conduct attack. The figure

#title.TIPS., 1. For this project, assume that an organization has five ser...

1. For this project, assume that an organization has five servers. Server 1 has a TCO of $25,000, Servers 2 and 3 have a TCO of $37,000 each, and the remaining two servers— Servers

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd