Network Intrusion Detection

A network-based intrusion detection (ID) system uses the traffic on its network segment as a source of data. This is generally achieved by placing the network interface card in promiscuous mode in order to capture all the network traffic that crosses its network segment. Both network-based and host-based ID sensors have their pros and cons in the network.
Network-based ID sensors track packets on the network for any vulnerabilities in the network. A network ID sensor can only track the packets that happen to travel within its defined network segment. Host-based ID sensors track any vulnerable packets flowing through the various hosts in the network. They track not only vulnerabilities within hosts, but also vulnerabilities of hosts connected to various networks.
Various techniques exist for detecting different intrusions on the network. The two most frequently used approaches to intrusion detection are:
1. Signature-based detection
2. Anomaly-based detection

1. Signature-based detection:

It is the detection of intrusions based on a database of similar intrusions that happened previously on the network. Once an exploit is detected, the relevant signature of the intrusion is recorded and stored in the database of intrusions. Signature-based detection is a continuous monitoring activity on the network that reduces the number of vulnerabilities in the network.

2. Statistical anomaly detection:

It collects data related to the activities of legitimate users over a certain period of time. Statistical methods and tests are then applied to the analysed activities, and the results are compared with the relevant security criteria defined on the network, thus determining whether the activity is not legitimate user activity.
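
The two approaches described above, as an added example that is not part of the original post: payloads are matched against a stored signature database, and each user's activity is tested against a baseline with a z-score. The signatures, user names, connection counts and the 3.0 threshold are constructed assumptions.

```python
import re
from statistics import mean, stdev

# Constructed signature database: name -> pattern recorded from earlier intrusions.
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./\.\./"),
    "sql-union-probe": re.compile(rb"(?i)union\s+select"),
}

def match_signatures(payload: bytes) -> list[str]:
    """Signature-based detection: names of stored signatures found in the payload."""
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(payload))

def build_baseline(history: dict[str, list[int]]) -> dict[str, tuple[float, float]]:
    """Per-user mean and sample standard deviation over the training period."""
    return {u: (mean(v), stdev(v)) for u, v in history.items() if len(v) >= 2}

def is_anomalous(baseline, user: str, observed: int, z_threshold: float = 3.0) -> bool:
    """Statistical anomaly detection: flag activity far from the user's own baseline."""
    if user not in baseline:
        return True  # assumption: a user with no profile is not known-legitimate
    mu, sigma = baseline[user]
    if sigma == 0:
        return observed != mu  # constant baseline: any deviation is anomalous
    return abs(observed - mu) / sigma > z_threshold

# Constructed training data: connections per hour for each legitimate user.
HISTORY = {"alice": [12, 15, 11, 14, 13, 12, 16], "bob": [3, 3, 3, 3]}
# Constructed observations: (user, connections this hour, captured payload).
EVENTS = [
    ("alice", 14, b"GET /index.html HTTP/1.1"),
    ("alice", 90, b"GET /index.html HTTP/1.1"),
    ("bob", 3, b"GET /files?name=../../etc/passwd HTTP/1.1"),
]

def analyse(events, history):
    """Return (user, matched signatures, anomalous?) for every observed event."""
    baseline = build_baseline(history)
    return [(u, match_signatures(p), is_anomalous(baseline, u, n)) for u, n, p in events]

if __name__ == "__main__":
    for row in analyse(EVENTS, HISTORY):
        print(row)
```

The third event shows why the two approaches complement each other: its volume is normal for that user, so only the signature match flags it, while the second event matches no signature and is caught only by the baseline test.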
