
Intrusion Detection System Essay

3698 words - 15 pages

Assignment Cover Sheet
Faculty of Science and Technology
NAME: Ashwath Mopathi



ASSIGNMENT/PRAC NAME: INTRUSION DETECTION SYSTEMS


Table of Contents

Abstract
Background
Overview of Intrusion Detection System
Challenges to Intrusion Detection Systems
Types of Intrusion Detection Systems
Techniques of Intrusion Detection Systems
Classification of IDS on Different Criteria
Conclusion
...view middle of the document...

IPS can document existing attacks and document . It provides policies and a set of rules, along with the IDS, to trigger an alert. An IPS has the ability to take immediate action based on the rules provided by the network administrator; e.g., an IPS may drop a packet if it determines it to be malicious, and block the port and, further, the IP address. They perform complicated tasks such as monitoring, analyzing and responding to network traffic patterns.
Definition: intrusion detection system [IDS]. Intrusion detection is the method of detecting and protecting the traffic in a network or a medium. An intrusion detection system can be software or a physical device that detects unwanted traffic in both networks and hosts. It is also called an operating system monitor, as it monitors the system activities completely.
Importance of IDS: [8] This decade has seen massive growth in the use of the internet for social networking (browsing, instant messaging, mail), online banking, e-commerce, online bookings and many more services. To provide all these facilities to customers, the internet should provide satisfactory security and privacy, so that it builds trust between the customer and the organization (confidentiality, integrity and availability). On the other hand, computers in an organization which have access to the internet are under attack or vulnerable to threats from an intruder. To overcome this, organizations started installing techniques such as firewalls and encryption, but these could not exactly prevent or detect the intrusion; intruders can easily overcome firewalls. Hence an effectual system is required for protection. The advanced methods of detecting threats faster and accurately can only be provided by an IDS. With the introduction of an IDS to an organization, the management assumes it is the monolithic solution for the network. IDSs are important to an organization as they keep track of the packet flow, scan the network and the activities carried out by the end systems, and report if there is abnormal activity taking place. They even track insider attacks and provide evidence for the legal action to be taken against the attackers.
OVERVIEW OF INTRUSION DETECTION SYSTEM
Intrusion detection process model [6]
In an IDS the process is done in 3 steps:
Information: in this step, information is gathered and used to detect whether an intrusion has taken place. The information is obtained from different levels of the system, such as the network, hosts and monitoring devices.
Analysis: in this step the intrusion detection system decides, from the obtained information, on the action to be taken (the planning is done). The most common analysis approaches are misuse detection and anomaly detection.
Response: this stage is the set of actions that the system performs once the intrusion is detected. There are two types of actions: active and passive.
* Active actions: here the system initiates suitable measures to prevent the intrusion. The measures to be taken to prevent the...
