StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Purpose of Intrusion Detection and Detection Techniques - Coursework Example

Cite this document
Summary
This coursework "Purpose of Intrusion Detection and Detection Techniques" provides an insight into the IDS or Intrusion detection systems. These IDS are developed for ensuring critical network security. It also offers a deep and comprehensive overview of the re-architecting…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.9% of users find it useful
Purpose of Intrusion Detection and Detection Techniques
Read Text Preview

Extract of sample "Purpose of Intrusion Detection and Detection Techniques"

Running head: Intrusion Detection Network Security Management Intrusion Detection Xiaoxi Yang ITEC6109042 November 2009 Table of Contents Table ofContents 2 Intrusion Detection 4 Purpose of IDSs and Detection Techniques 5 SNORT 5 Old Snort Operational Difficulties 6 Abstract In the last few years, the revolution in network technology has offered great advantages in the form of development of the communication network and data sharing structures. This development has global village based-era due to the miracles and revolution of the new networking technology. The overall structure of the Internet has completely changed also it has improved the computing and information technology structure. Due to extensive enhancements of the Internet and networking technology there some negative aspects are also emerged. These negative aspects can include the user or organizational information, data theft and various other threats. At this time it is extremely significant that systems need to be designed in a way that they could stop unauthorized access to organizational, business, or individual’s system resources and data. As, at the present, all the preventing techniques of security appear impractical. Though, we can try to identify and detect these intrusion crack/breaks or attempts hence that action can be taken to fix the damage later. This area or paradigm of the networking technology is acknowledged Intrusion detection. Anderson (1980) has initially established the concept of the intrusion detection in 1980. According to (Anderson, 1980), intrusion detection is a way through which a threat or intrusion attempts plan unauthorized attempt to (Anderson, 1980) This research is going to provide an insight into the IDS or Intrusion detection systems. These IDS are developed for ensuring the critical network security. The research will offer a deep and comprehensive overview of the re-architecting that is incorporating cutting-edge ideas in intrusion detection prevention system design. Intrusion Detection Network intrusion involves discovering attempted or applied intrusions into a network to establish suitable countermeasures to the growing threat of data hacks. Good place to show market projections on the growth of network intrusions. Intrusion detection includes an extensive collection of methods that differ on several axes. A few of these axes comprise, (Silberschatz, Galvin, & Gagne, 2004): The time period that detection takes place: in real time (while it is taking place) or following the information only. The types of input inspected to identify intrusive action. These could comprise user shell commands, process system calls, as well as network packet headers or contents. Several types of intrusions might be identified only by correlating information from various such sources. The variety of action capabilities. Basic and straightforward types of actions consist of changing an administrator of the possible intrusion or in some way halting the potentially intrusive action, for instance, killing a course of action engaged in actually intrusive activity. In a complicated type of action, a system might clearly redirect an intruder’s action to a trap. A false resource exposed to the attacker with the aim of observing and gaining information about the attack; to the attacker, the resource appears real. These levels of freedom in the design of space for detecting intrusions in systems have brought an extensive variety of solutions acknowledged as intrusions detection systems (IDS) (Silberschatz, Galvin, & Gagne, 2004). Helman, Liepins, & Richards (1992) state about the intrusion detection as an act of detecting activities and actions that effort to compromise the integrity, confidentiality or availability of network resources in any information technology structure. Helman, Liepins, & Richards (1992) stated that an intrusion detection system is an automatic system that takes preventive and stooping measures devoid of incorporating direct human intervention. This automatic prevention and intrusion detection measures make the intrusion detection more effective system for the network security management. Intrusion detection can be carried out automatically as well as manually. According to Helman, Liepins, & Richards (1992), manual intrusion detection might take place through investigating all the log files or additional facts for signs of intrusions in the system, comprising network traffic (Helman, Liepins, & Richards, 1992). According to Sundaram (1996) “an auomatic intrusion detection that performs automated intrusion detection is acknowledged as IDS or intrusion detection system” (Sundaram, 1996). An intrusion detection system can be either network based, in the host-based it checks system logs or calls, or network-based if it observes network packets flow during the commutation. Revolutionary and modern intrusion detection systems are typically a blend of these two techniques (Sundaram, 1996). Purpose of IDSs and Detection Techniques According to Bradley (2009), intrusion detection system is an application or device utilized to scrutinize the entire network traffic as well as alert the administrator or user when there has been an illegal effort or access. There are two major techniques of network traffic monitoring, one is anomaly-based and other is signature-based. Relying on the application or device utilized the intrusion detection system that would be able to either simply observe the administrator or user or it could be place up to automatically respond in some way or block specific traffic (Bradley, 2009). According to Bradley (2009), intrusion detection system is intended for the signature-based detection depends on evaluation of traffic to a database that holds signatures of previously recognized attack techniques. According to Bradley (2009) anomaly based detection in the intrusion detection system compares present network traffic to a known-good baseline to appear for something out of the normal. The intrusion detection system can be placed deliberately on the communication network as a network based intrusion detection or NIDS. This NIDS scrutinizes the entire communication network traffic. It can be installed on every individual communication system like a host-based intrusion detection or HIDS that scrutinizes traffic to as well as from that specific device (Bradley, 2009). Intrusion detection system works using a two-step procedure. The initial step involves the host-based as well as is considered the passive element, these contain: assessment of the systems configuration system files to identify settings of inadvisable; checking the system password files to check for inadvisable passwords; as well as examination of additional system regions to check for the policy violations. The next step is networks based and are considered as the active part: systems are set in place to rebuild known techniques of attack as well as to verification system reactions (searchmidmarketsecurity, 2009). SNORT SNORT is an open source and free NIPS or network intrusion prevention system. It is also taken as NIDS or network intrusion detection system (Schell & Martin, 2006). Snort is able to carry out real time traffic analysis on IP networks and packet logging. This application is written by Martin Roesch and presently this application is developed by Sourcefire. The Sourcefire Company is founded by Roesch and he is its CTO. Presently the integrated business version of the SNORT has built and commercial support services are sold through the business of the Sourcefire (Helman, Liepins, & Richards, 1992). According to Schell & Martin (2006) popular SNORT is free of charge that offers the facility for the pattern-based intrusion detection. This system is specializing in the study of network traffic detection system. By means of the huge development of the web/Internet has come a novel characteristic of network security, network based IDS Snort has tried to incorporate and handle all these features effectively (Schell & Martin, 2006). Handling, contorting, and managing security by means of Snort IDS Tools incorporate dependable techniques intended for identifying network intruders, as of by simple packet sniffers to additional sophisticated intrusion detection systems tools and the Graphical User Interfaces for handling them (Cox & Gerg, 2009). Old Snort Operational Difficulties It is significant to be familiar with that Snort that is primarily detection engine. Snort alone should not be evaluated by commercial intrusion detection systems like that Cisco Secure IDS, or ISS RealSecure that are business suites. Effectual utilization of a Snort-based network intrusion detection and security monitoring processes necessitates effectual back-end databases, user interfaces, sensor platforms as well as several other defending procedures against new attacks (Grimes, 2005). According to Ferraro (2002), the security of a Snort solution relies on the fundamental security of its host operating system as well as the safety of the Snort detection code itself (Ferraro, 2002). Some of the operating systems are basically more supportive to make certain the security as compared to others. Structuring a similar Windows-based Snort platform necessitates logically tremendous measures. Concerning the Snort code, we are able to assess its security in the course of evaluations the source our-self, or through employing a programmer to carry out this task. We can not perform that by means of any commercial offering (Ferraro, 2002). Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Purpose of Intrusion Detection and Detection Techniques Coursework Example | Topics and Well Written Essays - 1250 words, n.d.)
Purpose of Intrusion Detection and Detection Techniques Coursework Example | Topics and Well Written Essays - 1250 words. https://studentshare.org/information-technology/1728811-intrusion-detection
(Purpose of Intrusion Detection and Detection Techniques Coursework Example | Topics and Well Written Essays - 1250 Words)
Purpose of Intrusion Detection and Detection Techniques Coursework Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1728811-intrusion-detection.
“Purpose of Intrusion Detection and Detection Techniques Coursework Example | Topics and Well Written Essays - 1250 Words”. https://studentshare.org/information-technology/1728811-intrusion-detection.
  • Cited: 0 times

CHECK THESE SAMPLES OF Purpose of Intrusion Detection and Detection Techniques

Intrusion Detection System

The paper "intrusion detection System" tells us about IDS.... Working of the system in a network and the network traffic are monitored by the intrusion detection System.... intrusion detection is used to manage the system and the network in a secured manner.... intrusion detection systems are classified into two types.... Network-Based systems and Host-based intrusion detection systems are widely used.... detection systems must be alert to identify and report the threats to the administrator....
11 Pages (2750 words) Essay

Application Controls, Monitoring, and Honeypots

Honeypots are new security technologies that, while not a replacement for traditional intrusion detection systems, address some of the weaknesses of intrusion detection systems (Spitzner, 2003).... There are a variety of both commercial and public domain intrusion detection systems, most of which use misuse detection.... Concurring, Skoudis (2002) argues that maintaining and updating these rules and responding to alerts are ongoing and time-consuming tasks, and if the rules become out of date, then the intrusion detection system becomes increasingly less effective....
4 Pages (1000 words) Essay

Identification & Authentication in your organization

Honeypots are new security technologies that, while not a replacement for traditional intrusion detection systems, address some of the weaknesses of intrusion detection systems (Spitzner, 2003).... Conceding to the… y of the aforementioned, our company's ICT director mentioned that it was precisely because current intrusion detection systems are somewhat limited in capacity, that that department was investigating the parallel implementation of an anomaly detection system....
4 Pages (1000 words) Essay

Intrusion Prevention

Moreover, its detection techniques are well designed to ensure the software is up to date with the new technological advancement.... The software uses innovative and sophisticated detection methods that include; “stateful pattern recognition, protocol parsing, heuristic detection and anomaly detection” to ensure efficient protection from both known and unknown cyber threats (Cisco Systems, 2011).... Cisco intrusion detection.... Cisco intrusion detention software is a security solution that provides protection from unauthorized intrusions, malicious internet worms and any other bandwidth and e-business application attacks....
1 Pages (250 words) Essay

Business Strategies

This work "Business Strategies" describes the strategies associated with starting up a business, focusing on the security industry.... The author takes into account the security aspect of the business, its role, the possible internet attacks, secure operating systems.... nbsp;… By the security industry, the writer would like to draw attention to the IT-related side associated with starting a new business....
16 Pages (4000 words) Coursework

Prevention of Air Attacks

However, so far these techniques and technologies have not been able to make the air travel safer or reduce the incidences of hijacking.... The author of this article "Prevention of Air Attacks" describes events of 9/11, the problem of hijacking, different security measures, reasons, and problems of air attacks....
6 Pages (1500 words) Essay

Malware Analysis Plan

The malware is a designated computer program in its own created for the sole purpose of negatively impacting the program, network, system, firewall, or other security encrypted sources.... This paper ''Malware Analysis Plan'' looks into the possible methods, techniques, skills, and knowledge through which the malware are handled and computing experiences are made safe.... In order to overcome the challenge and threat of malware various techniques, tools, programs, applications, security based measures and other knowledge based techniques are used that enable overcoming the challenges of malware....
10 Pages (2500 words) Research Paper

The Components of an Alarm System

The National Burglar Fire Alarms Association (2010) observes that detection and deterring are the major roles of an alarm system.... For instance, by scaring away potential burglars hence the assertion that besides detection and informing, it also serves as a deterrent to an impending crime.... The purpose of this report is to describe the purpose of the components of an alarm system.... After the detection, the system is then programmed in such a way as to be able to determine whether that event is threatening in any way....
12 Pages (3000 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us