Saturday, June 15, 2019

Combining Anomaly and Signature based Intrusion Detection Systems Essay

The researcher states that the Internet continues to modernise the world's economy. It is apparently changing the way people live, study, work, participate, and consume. At the hub of this revolution is technology. Technology has moved from the back office to the leading edge. Namely, the interface between the customer and the organization has changed dramatically. Increasingly, technology is shifting the organization's relationship with its customers from face-to-face to screen-to-face communication. The Internet is not an innovation that concerns only one or two sectors of the economy. Because it revolutionizes the way businesses should prudently systematize their activities and go to market, the Internet affects all economic activities.

Organizations maintain data communication networks for paperless business operations and enhanced communication. On the other hand, threats and vulnerabilities related to data communication networks are significantly increasing. Firewalls are not considered the only solution, because intelligent viruses and malicious code tend to pass through them. In order to enable advanced security measures, Intrusion Detection Systems (IDS) are recommended for corporate networks. The types include network-based IDS, host-based IDS, and software-based IDS. These types are further categorised into signature-based IDS, also referred to as misuse detection, and anomaly detection.

The functionality of a signature-based IDS depends on known signatures. The word "known" is important because threats that have been detected so far are categorized as known threats and are called signatures. A signature-based IDS only detects threats similar to the defined, available signatures and does not detect any new threat. An anomaly-based IDS, by contrast, detects unexplored activities within the network and flags them as threats and vulnerabilities.
These two IDS types use different methods, processes, and profiles, which are discussed in the next part of this coursework.

II. Signature-Based IDS

A signature-based IDS analyzes and identifies detailed patterns of attacks that are recognized in raw data, in terms of byte sequences called strings, port numbers, protocol types, etc. Likewise, apart from the normal operational pattern, a signature-based IDS detects any activity that deviates from previously defined patterns. Moreover, the patterns are monitored with strict control algorithms. The signatures are stored in a signature repository. The prime objective of a signature-based IDS is to search for signatures in order to detect a threat or vulnerability, similar to the way antivirus software detects viruses. The function of an IDS is to detect attacks that are initiated directly towards the network. Moreover, an IDS tries to identify as many events as possible and therefore generates logs.
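The following sketch is an added example, not part of the original essay. It shows the two detection styles described above working together: a signature repository matched on protocol, port and byte string, with an anomaly profile as the fallback. The signature names, byte patterns, sample events and the choice of payload size as the profiled feature are all constructed assumptions.

```python
from statistics import mean, stdev

# Constructed signature repository: each entry describes a known pattern as
# (protocol, destination port, byte string). All values are placeholders.
SIGNATURES = [
    {"name": "SIG-001", "proto": "tcp", "port": 80, "pattern": b"KNOWN-BAD-A"},
    {"name": "SIG-002", "proto": "udp", "port": 53, "pattern": b"KNOWN-BAD-B"},
]

def match_signature(event):
    """Misuse detection: return the name of the first known signature hit."""
    for sig in SIGNATURES:
        if (event["proto"] == sig["proto"] and event["port"] == sig["port"]
                and sig["pattern"] in event["payload"]):
            return sig["name"]
    return None

def build_profile(baseline_sizes, k=3.0):
    """Anomaly detection: learn a normal payload-size range (mean +/- k*stdev)."""
    mu, sigma = mean(baseline_sizes), stdev(baseline_sizes)
    return (mu - k * sigma, mu + k * sigma)

def classify(event, profile):
    """Combine both detectors: signatures first, then the anomaly profile."""
    name = match_signature(event)
    if name:
        return "signature:" + name
    low, high = profile
    if not (low <= len(event["payload"]) <= high):
        return "anomaly"
    return "normal"

# Constructed baseline: payload sizes observed during normal operation.
PROFILE = build_profile([100, 110, 95, 105, 90, 100, 108, 92])

# Constructed events: ordinary traffic, a known pattern, and an unknown outlier.
EVENTS = [
    {"proto": "tcp", "port": 80, "payload": b"GET /index.html" + b" " * 85},
    {"proto": "tcp", "port": 80, "payload": b"xx KNOWN-BAD-A xx" + b" " * 83},
    {"proto": "tcp", "port": 8080, "payload": b"Z" * 4000},  # no signature exists
]

def run():
    return [classify(e, PROFILE) for e in EVENTS]

if __name__ == "__main__":
    print(run())
```

The third event has no entry in the repository, so only the anomaly profile flags it; an event that carries a known byte string on a port the signature does not list, at a normal size, passes both checks.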
