An Intrusion Detection System (IDS) monitors the network and its activities. It identifies any unusual activity and informs the administrator. The IDS monitors the working of the systems in a network and the network traffic. Systems that create traffic among the network are identified and blocked…
An IDS is responsible for analyzing the network and system configuration. In a network, the integration of systems is the major component. Intrusion detection systems have to assess the integrity of the systems within a network.
Security threats may occur at any time. Detection systems must be alert to identify and report threats to the administrator. Several activities take place within a network, and any abnormal activity has to be analyzed by the detection system. A user has certain limitations in accessing a network, and the organization maintains a user policy. Each user's activity is recorded by the system, which tracks the user's activities and sends a report if the user violates the policy. Security threats and attacks can take any form and can occur even in a highly secured network. Since the number of threats and attacks is increasing, an effective IDS is necessary. Network attacks are easier than intruding into a standalone system. As the systems are connected over the web, the task becomes easier. An IDS is selected based on the network's complexity (Base, Mall 2006). The most common attacks target the system's confidentiality, the system's control and the network's integrity. An IDS can identify various types of attacks, and it monitors for attacks such as scanning, penetration attacks and denial of service.
The activities of the IDS are defined by the network administrator. Threats may arise from a system within the network or from any external source (Bradley 2005).
Intrusion detection systems are classified into two types. Network-based and host-based intrusion detection systems are the most widely used.
Network IDS (NIDS)
IDSs that serve a network are placed at specific points within that network, where they detect problems in the network traffic. The traffic between the systems in that network is monitored. An IDS used in a network must be efficient enough to handle heavy traffic inside the network. Both inbound and outbound traffic are monitored by the detection systems (Cukic 2008). The traffic is analyzed from time to time, and the flow of packets is regularly assessed and analyzed.
Host IDS (HIDS)
These systems are installed on individual systems in a network. A HIDS alerts on any suspicious activity within that system. It analyzes the packet flow pertaining to that host system. A HIDS has limited control over the network as a whole, because it concentrates only on a particular host. It is difficult for these systems to handle the traffic of the entire network. Every system in a network must have its own HIDS installed if it is not monitored by a NIDS.
Though these two are the common types of IDS, there are other types that can be used.
Signature Based IDS
This system makes use of predefined conditions to monitor for intrusions. It can easily handle previously documented attacks. A database is maintained to store the attack signatures. Every time an attack is identified, its signature is compared with the existing values in the database. The system can therefore identify only the attacks that are already known. The database has to be updated regularly to be aware of new attacks (Cukic 2008). Failure to do so will lead to severe consequences. If a system is confronted with several attacks at the same time, the performance decreases. The system has to check with the database whenever an attack is
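
The signature lookup described in this section, as an added example that is not part of the original essay. The class name, the signature patterns and the request lines are constructed for illustration; it shows that a request with no stored signature goes unreported until the database is updated, and that every event costs one comparison per stored signature.

```python
import re

# Constructed sample traffic (HTTP request lines), not taken from the essay.
EVENTS = [
    "GET /index.html HTTP/1.1",
    "GET /download?file=../../../../etc/passwd HTTP/1.1",
    "GET /item?id=1 UNION SELECT name,pass FROM users HTTP/1.1",
    "GET /search?q=<script>alert(1)</script> HTTP/1.1",
]

class SignatureDB:
    """Hypothetical signature store mapping a signature name to a pattern."""

    def __init__(self):
        self._signatures = {}
        self.comparisons = 0  # total signature checks performed so far

    def update(self, name, regex):
        # Add or replace a signature, as a regular database update would.
        self._signatures[name] = re.compile(regex, re.IGNORECASE)

    def match(self, event):
        # Every event is compared against every stored signature.
        self.comparisons += len(self._signatures)
        return [n for n, p in self._signatures.items() if p.search(event)]

def build_db():
    # Initial database: two well-known patterns (illustrative only).
    db = SignatureDB()
    db.update("path-traversal", r"(\.\./){2,}")
    db.update("sql-union-select", r"union\s+select")
    return db

def scan(db, events):
    # Return (event index, matched signature names) for each alerting event.
    results = ((i, db.match(e)) for i, e in enumerate(events))
    return [(i, hits) for i, hits in results if hits]

if __name__ == "__main__":
    db = build_db()
    print(scan(db, EVENTS))   # the <script> request is not reported
    db.update("script-tag", r"<script\b")
    print(scan(db, EVENTS))   # reported once the database is updated
    print(db.comparisons)     # grows with events x signatures
```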