Skip to main content

Network Intrusion Detection

Network Intrusion Detection

A network-based Intrusion Detection (ID) manages the traffic on its network area as a source of data. It is generally achieved by placing the network interface card in the promiscuous mode in order to conquer all the network traffic, which crosses its network area. Both network-based and host-based ID sensors have the relevant pros and cons in the network.
Network based ID sensors involves tracking packets on the networks for any vulnerabilities in the network. The network IDs can only track the packets that happen to travel within the defined network segment. Host based ID sensors tracks for any vulnerable packets flowing through various hosts in the network. It not only tracks vulnerability within hosts, but also keeps track of vulnerabilities of hosts connected to various networks.
There are various detection techniques for detecting different intrusions on the network. The two most frequently used approaches of intrusion detection are:
1.Signature based detection
2.Anomaly based detection

1.Signature based detection:

it is the detection of intrusions based on the database of various similar intrusions happened previously on the network. Once the exploit is detected, the relevant signature of the intrusion is recorded and stored in the database of various intrusions. Signature based detection is a continuous monitoring activity on the network which takes care of reducing the count of vulnerabilities in the network.

2.Statistical anomaly detection: 

it's collects data related to the activities of the legitimate user over a certain period of time. Statistical methods and tests are then applied to the analysed activities, then compared with the relevant security criteria defined on the network. Thus, determining whether the activity is not legitimate user activity.

Comments

Post a Comment

thank you for visiting :)

Popular posts from this blog

connection oriented

connection-oriented:- connection-oriented  describes a means of transmitting data in which the devices at the end points use a preliminary  protocol  to establish an end-to-end connection before any data is sent. Connection-oriented protocol service is sometimes called a "reliable" network service, because it guarantees that data will arrive in the proper sequence. Transmission Control Protocol ( TCP ) is a connection-oriented protocol. For connection-oriented communications, each end point must be able to transmit so that it can communicate. The alternative to connection-oriented transmission is the  connection-less  approach, in which data is sent from one end point to another without prior arrangement. Connection-less protocols are usually described as  stateless  because the end points have no protocol-defined way to remember where they are in a "conversation" of message exchanges. Because they can keep track of a conversation, connection-or...
Post a Comment
Read more

Cloud Computing architecture

Cloud computing architecture refers to all components and sub-components that together form the structure of the cloud computing system. This architecture can be divided into three parts for better understanding – front end, back end and middleware. Each part of the cloud architecture has its own set of functionalities and protocols that work together to deliver on-demand services to user-facing hardware as well as software. In general, the architecture is evolved out of large distributed network applications over the last two decades. Hence it supports any system where resources can be pooled and partitioned as required. The general cloud architecture is capable of running multiple software applications running on multiple virtual hardware in multiple locations to efficiently render on-demand services to the users. The users could be using these software applications from their desktop or laptop or mobile or tablets. Usually, whatever the user is looking at – through t...
Post a Comment
Read more

What is technical analysis?

 Technical Analysis (also abbreviated as TA) is a popular technique that allows you to do just that. It not only helps you develop a point of view on a particular stock or index but also helps you define the trade keeping in mind the entry, exit and risk perspective.  Like all research techniques, Technical Analysis also comes with its own attributes, some of which can be highly complex. However, technology makes it easy to understand. Technical Analysis is a research technique to identify trading opportunities in market based on the actions of market participants. The actions of market participants can be visualized by means of a stock chart. Over time, patterns are formed within these charts and each pattern conveys a certain message. The job of a technical analyst is to identify these patterns and develop a point of view. Like any research technique, technical analysis stands on a bunch of assumptions. As a practitioner of technical analysis, you need to trade the markets k...
Post a Comment
Read more

tag