StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Adoption of Intrusion Detection System - Essay Example

Cite this document
Summary
The paper "The Adoption of Intrusion Detection System" highlights that information security is a major concern of organizations today. Firms rely on information systems to facilitate essential business processes and are at risk due to a variety of factors…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER94.3% of users find it useful
The Adoption of Intrusion Detection System
Read Text Preview

Extract of sample "The Adoption of Intrusion Detection System"

Information security is a major concern of organizations today. Firms rely on information systems to facilitate essential business processes and are at risk due to a variety of factors. The 2003 survey on information security experiences and practices conducted by the Computer Security Institute (CSI) and U.S. Federal Bureau of Investigation (FBI) explained, "the risk of cyber attacks continues to be high." The survey showed that an astonishing 74% of the 530 "security practitioners" in the survey sample reported they had experienced at least one information security incident in the prior twelve months, while 36% had experienced anywhere from six to thirty incidents over the same period. 75% of participants in the study indicated they had experienced financial losses as a result of information security incidents (Richardson, 2003). Healthcare organizations are in an especially vulnerable position because of the sensitivity of the information stored on their systems. Accordingly, it is imperative that Healthcare Oganization A adopt and implement an intrusion detection system (IDS). Following a definition of IDS, this essay will argue the imperatives of our organization are adopting such a system. IDSs are similar to home burglar alarm systems, alerting neighbors, homeowners, and law enforcement that someone or something has broken through the security measures. ID techniques attempt to identify and isolate computer and network attacks by observing traffic logs or audit data. IDSs are based on the idea that an intruder can be detected through the examination of various elements. Such as, network traffic, packet elements, central processing unit use, input/output use, and file activities (Proctor, 2001). IDSs are powerful tools used to reduce and monitor computer attacks. The goal of ID is to positively identify all true attacks and negatively identify all non-attacks (Proctor, 2001). The motivation for using ID technology may vary for different sites: Some may be interested in law enforcement including the tracking, tracing, and prosecution of intruders. Some may use ID as a mechanism for protecting computing resources. Others may be more interested in identifying and correcting vulnerabilities. Not only is it important to put access-control measures in place, but it is also important to verify whether or not an intruder has breached the access controls (Proctor, 2001). To fully protect an organization, it is necessary to audit the network on a regular basis for intrusion attempts. An intrusion is any set of actions that attempts to compromise the availability, integrity, or confidentiality of the system. To make an audit easier, a new category of software has emerged: the IDS (Proctor). ID is needed because firewalls cannot provide complete protection against intrusion. Experience teaches us never to rely on a single defensive line or technique. A firewall serves as an effective noise filter, stopping many attacks before they can enter an organization's networks. However, firewalls are vulnerable to errors in configuration and ambiguous or undefined security policies. They are also generally unable to protect against malicious mobile code, insider attacks, and unsecured modems. Firewalls rely on the existence of a central point through which traffic flows. With a growing trend toward geographically distributed networks with internal and external users, there is a greater chance for compromise. Therefore, the absence of central points for firewall monitoring purposes is a relevant concern. A computer system should provide confidentiality, integrity, availability, and assurance against DoS. However, due to increased connectivity (especially on the Internet) and the vast spectrum of financial possibilities that are opening up, more and more systems are subject to attack by intruders. These subversion attempts try to exploit flaws in the operating system as well as in application programs and have resulted in spectacular incidents like the Internet Worm incident of 1988 (Bandy, Money, Worstell, & Saita, 2001). There are two ways to handle subversion attempts. One way is to prevent subversion itself by building a completely secure system. Networks, for example, could require all users to identify and authenticate themselves. Such networks would protect data by various cryptographic methods and very tight access-control mechanisms. However, this is not really feasible because: In practice, it is not possible to build a completely secure system. Bandy et al. (2001) gave a compelling report on bugs in popular programs and operating systems that seem to indicate that (a) bug free software is still a dream and (b) no one seems to want to make the effort to try to develop such software. Apart from the fact that we do not seem to be getting our money's worth when we buy software, there are also security implications when our e-mail software, for example, can be attacked. Designing and implementing a totally secure system is thus an extremely difficult task. The vast installed base of systems worldwide guarantees that any transition to a secure system, (if it is ever developed) will be long in coming. Cryptographic methods have their own problems. Passwords can be cracked, users can lose their passwords, and entire crypto-systems can be broken. Even a truly secure system is vulnerable to abuse by insiders who abuse their privileges. The level of access control is inversely related to user efficiency: the stricter the mechanisms, the lower the efficiency becomes. If there are attacks on a system, network administrators would like to detect them as soon as possible and take appropriate action. This is essentially what an IDS does. An IDS does not usually take preventive measures when an attack is detected according to Bandy et al. (2001). It is a reactive rather than pro-active agent; it plays the role of an informant rather than a police officer. The most popular way to detect intrusions has been by using the audit data generated by the operating system. An audit trail is a record of activities on a system that are logged to a file in chronologically sorted order. Because almost all activities are logged on a system, it is possible that a manual inspection of these logs would detect intrusions. However, the incredibly amount of audit data generated (on the order of 100 Megabytes a day) makes manual analysis impossible. IDSs automate the drudgery of wading through the audit data jungle. According to Bandy et al. (2001), audit trails are particularly useful because audit trails can be used to establish guilt of attackers. Audit trails are often the only way to detect unauthorized but subversive user activity. Often times, even after an attack has occurred, it is important to analyze the audit data so that the extent of damage can be determined. Additionally, the analysis facilitates tracking down the attackers and may reveal steps to be taken to prevent such attacks in the future. In conclusion, the adoption of IDS can enhance information security and, importantly, ensure that databases containing highly sensitive patient information are not accessed by unauthorized personnel. The adoption of such a system is an imperative imposed upon us, as a healthcare organisation, by the very nature of the information we store on our systems and the phenomenon of internet connectivity. Bibliography Proctor, P. E. (2001). The practical intrusion detection handbook. Upper Saddle River, NJ: Prentice Hall. Bandy, Money, Worstell, & Saita. (2001). The Need for IDS. Retrieved August 2003, http://www1.acm.org/crossroads/xrds2-4/intrus.html#ref12 Richardson, R. (2003) Eighth Annual CSI/FBI Computer Crime and Security Survey. San Francisco: Computer Security Institute. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Assessment Essay Example | Topics and Well Written Essays - 1000 words”, n.d.)
Assessment Essay Example | Topics and Well Written Essays - 1000 words. Retrieved from https://studentshare.org/miscellaneous/1524176-assessment
(Assessment Essay Example | Topics and Well Written Essays - 1000 Words)
Assessment Essay Example | Topics and Well Written Essays - 1000 Words. https://studentshare.org/miscellaneous/1524176-assessment.
“Assessment Essay Example | Topics and Well Written Essays - 1000 Words”, n.d. https://studentshare.org/miscellaneous/1524176-assessment.
  • Cited: 0 times

CHECK THESE SAMPLES OF The Adoption of Intrusion Detection System

Network Intrusion Detection and Forensics

IFFERENT METHODS of intrusion detection 10 5.... Network Intrusion and detection system Alert Terminologies 8 4.... This report contains details of research of two open source Network intrusion detection Systems (NIDS), Snort and Bro, and compares then in terms of performance, strength and features to determine which of them offers superior service in intrusion detection.... This article is a research-based project that aims to compare two or more open source Network intrusion detection Systems, in terms of their operation, methods of detection, capabilities, and performance....
26 Pages (6500 words) Dissertation

Combining Anomaly and Signature based Intrusion Detection Systems

Bayesian Algorithm with KDD99 was implemented for anomaly-based IDS and integrated multi-layer signature-based intrusion detection system using mobile agents were implemented.... The later parts of the body illustrate studies and researches related to these two IDS for improving the detection methodology for intrusions.... To sum up, many studies and researches have been conducted to overcome issues related to the detection techniques, still, there were loopholes for threats and vulnerabilities to sneak in....
8 Pages (2000 words) Essay

Intrusion Detection System

The paper "intrusion detection system" tells us about IDS.... Working of the system in a network and the network traffic are monitored by the intrusion detection system.... Any abnormal activity has to be analyzed by the detection system.... intrusion detection is used to manage the system and the network in a secured manner.... Network-Based systems and Host-based intrusion detection systems are widely used....
11 Pages (2750 words) Essay

Wireless Intrusion Detection Systems

He explains the intrusion methods, need for wireless intrusion detection system and as well identify the rewards and problems of wireless intrusion detection systems.... In the paper 'Wireless intrusion detection Systems' the author analyzes security and detection of possible threats to wireless networks.... Usually, this is done as a hobby and such hobbyists may combine the data with Global Positioning system (GPS) information to generate geographic maps of wireless networks in the area and their configurations....
4 Pages (1000 words) Essay

Network Security-Intrusion Detection System

The essay "Network Security-intrusion detection system" will try to look at the two processes Host-based and Network-based Intrusion Detection Systems, how effective these two approaches for the intrusion detection system for any organization and will also cover various guidelines for Intrusion Detection Systems deployment, operation, and maintenance.... In this paper definition and description of intrusion, intrusion detection, and intrusion detection system are covered....
16 Pages (4000 words) Essay

Enhanced Sensor-Based Intrusion Detection System

This report "Enhanced Sensor-Based intrusion detection system" exhibits the usefulness of Anomaly and Signature-based IDS alongside its favorable circumstances and inconveniences.... Anomaly-based intrusion detection system, a Signature-based intrusion detection system, a Flexible Intrusion Detection, and Response Framework for Active Networks (FIDRAN) are suggested to give superior security.... ccording to the network dictionary, IDS is characterized as an "intrusion detection system (IDS) is a sort of security administration system for PCs and systems....
15 Pages (3750 words) Report

Bro: A System for Detecting Network Intruders in Real-Time

The paper "Bro: A system for Detecting Network Intruders in Real-Time" highlights that the real-time full recordings of the network threats enable the owners of the network to be in a state of constant lookout for any further intrusion threats, thus helping to keep the system more secure.... The real-time aspect of the Bro system helps to ensure that the damage that can be caused by the intruders are minimized since, with the real-time detection of the possible intrusion, the intrusions can be reacted to and stopped before they have caused any meaningful damage to the network (Paxson, 1999)....
5 Pages (1250 words) Essay

Electronic Intrusion Detection Systems

The following paper under the title 'Electronic intrusion detection Systems' presents security as a big concern for most individuals and organizations, which has led to the development of various ways of developing security measures to keep out intruders.... To offer more protection, electronic intrusion detection systems were developed.... However, unlike perimeter walls, external intrusion detection systems can deter intruders even before they intrude....
8 Pages (2000 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us