StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Network Intrusion Detection Systems - Essay Example

Cite this document
Summary
The paper "Network Intrusion Detection Systems" discusses that the working of the intrusion detection system depends on the network and the functionalities within the network. The intrusion detection systems built with classification techniques are more effective when compared to the others…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.5% of users find it useful
Network Intrusion Detection Systems
Read Text Preview

Extract of sample "Network Intrusion Detection Systems"

Network Intrusion Detection systems Introduction Network Intrusion Detection systems are widely used andthey are one of the major component in a network. These systems help to prevent the intrusion and attacks by using a unique mechanism. Intrusion detection system detects and protects the network system from threats and attacks. It is the most important component of the network system. It is mandatory for the network systems to install an intrusion detection system to easily manage the attacks and resolve the issues. (Mun 2009). There are various types of intrusion systems and they are implemented based on the network system. These intrusion systems have been designed using various techniques. The intrusion system designed with the help of classification technique is the popular ones as it provides more security to the systems in which it is installed. The classification technique is used to classify the type of attack the system faces. (Base 2000).The intrusion system has the responsibility of protecting the system and preventing the attacks. Network intrusion systems using classification techniques are widely used and there are many articles have been written on this system. According to Mun the intrusion detection system works well only if the system is selected based on the type of network. The intrusion detection system must be selected to suit the network. There are various types of networks and the system must make sure that it satisfies the network's requirements. The classification technique is used in the intrusion systems to classify and divide the attacks and threats. (Mun 2009).This technique is preferred by most of the network administrators due to its compatibility and efficiency. The intrusion systems work well only when the network's requirements are satisfied. The intrusion detection systems are generally classified into network based intrusion detection systems and host based intrusion detection systems. Network based intrusion system makes use of classification technique since it offers more protection when compared to the other techniques. The systems which are built using classification technique protect each layer of the network. The Ethernet of IP and the other layers are protected and they can be free from intruders. (Northcutt, Noval 2003).Since the classification technique based intrusion detection systems protects the network and its layers from intrusion, it is one among the best intrusion detection systems. Though intrusion system built with classification technique offers more protection, the intruders make use of varying techniques that can pose threat to the other parts of the system. Mun's views about the classification technique and the intrusion detection system favor only the small scale network systems. The system is not much effective in dealing the network in a large scale. As defined by Song, the intrusion systems that implements classification technique are much better than systems that are developed using other techniques. Some of the systems built with classification technique classify the packets that enter into the network. (Song 2005).Each network will have packet transfer within the systems in the same network and also with the systems from the other networks. The packets enter the network only after the network admi9nistrator permits the packet. Each packet is thoroughly examined for any attacks and threats. If any packet with threat is detected, they are immediately discarded by the intrusion system. There are two types of intrusion systems, intrusion detection and intrusion prevention systems. The intrusion detection systems detect the attacks and threats and stop them from attacking the network system. The prevention systems protect the network system from getting affected by these threats. The key issues and concepts specified by Song are applicable for systems that implement packet classification. The systems that use intrusion detection systems with an enhancement of packet classification have other disadvantages. Song's concept works well for systems which transfer packets frequently. The weakness of the paper is it does not concentrate on the entire working of the intrusion system. It focuses only on the inspection of the packet. It does not specify about the effectiveness of the classification technique. According to Handley the intrusion detection system must be designed by keeping in mind the environment of the network. If the network is prone to more traffic then the intrusion detection system must be more efficient. The detection system must minimize the ambiguities created by the network traffic. It should protect the system from the traffic created by the hackers and intruders. (Handley 2001).The classification technique in intrusion detection systems are built in the path of the network. This helps in packet filtering. Packet filtering is an important concept, since the incoming and outgoing packets carry information that needs protection. If packet filtering technique is applied, the vulnerability of the security attacks can be minimized. Handley's paper emphasizes on the safety of the packet. The safety of the network system should be managed by implementing a system that protects the network from intruders and hackers. The strength of the paper is the due emphasize and concentration on the flow of packet. Even though packets play a major part in the network system, the other components of the system are equally important. According to Kazienko , intrusion detection systems act as a security to the network for which it is installed. The network is intruded by malicious users and this poses a high security threat to the network system. The intrusion detection systems are designed with the help of classification techniques. The key issue and the basis of research are to find out which classification technique works well when combined with the intrusion detection system. The classification techniques like k-mean method and neural networks are used in designing intrusion detection systems.(Kazienko 2004). Any one of these classification techniques is implemented in the intrusion detection systems. By using these methods the systems become more secure. There are certain limitations in developing an intrusion detection system with the help of classification technique. Neural network technique is of high efficiency and it has the capability of exhibiting high accuracy when compared to the other classification techniques. The disadvantage of neural networks is it takes more time in executing the intrusion detection. Still it is preferred due to its accuracy. (Hofmeyr 1998).Another classification technique is support vector and this gives minimal accuracy within a short period of time. Though Kazienko specifies the advantages of the classification technique, this paper have certain limitations. The accuracy of the intrusion system is the important aspect. If the accuracy is less, then the system does not yield good results. The paper must have included more details regarding the classification techniques and their limitations. As defined by Zhang, the wireless network system is the toughest task. Instead of developing intrusion detection systems for normal network systems, companies can design and develop intrusion detection systems for wireless networks. Wireless network systems are more prone to attacks and threats. Thus it requires an intrusion detection system that is of more efficiency. The system must be able to handle the attack sand threats and make sure the system is not vulnerable to such intrusions.(Zhang 2000). As wireless networks rely more on these intrusion detection systems, detection system must be selected with utmost care. The denial of service attacks is the remarkable improvement in the network systems. Zhang emphasizes more on the vulnerability of wireless systems and how to overcome it. Even though wireless systems are being used, it has not gained much popularity like the normal network systems. The paper does not give due importance to the classification techniques used in the intrusion detection systems that are used in wireless network systems. The papers that explain about the various intrusion detection systems concentrate more n the working of the system rather than the design and development of intrusion detection systems. Most of the detection systems that are built with classification techniques are the ones that are more effective in dealing with the intrusion attacks. The limitations and the disadvantages are more in the systems that deal with bigger network systems. Conclusion The network systems must ensure that the intrusion detection systems are selected according to the network. The working of the intrusion detection system depends on the network and the functionalities within the network. The intrusion detection systems built with classification technique are more effective when compared to the other intrusion detection systems. Reference Mun, Y. Network Intrusion Detection and Prevention Systems. (2009). Web. 27 Feb.2010. Zhang, Y. Intrusion Detection Systems. (2000). Web. 28 Feb.2010. Song, H. Packet Classification for Intrusion Detection. (2005). Web. 27 Feb 2010. Hofmeyr, S. Intrusion Detection Using Sequence of System Calls. (1998). Web. 28 Feb 2010. Handley, M. Network Intrusion Detection: Evasion, Traffic Normalization. (2001): 9-10. Web. 27 Feb 2010. Kazienko, P. Intrusion Detection systems (IDS). Classification, Methods and Techniques. (2004). Web. 27 Feb 2010. Base, R. Intrusion Detection. U.S.A: Macmillan Technical Publishing, 2000. Northcutt, S, and Novak,J. Network Intrusion Detection. U.S.A: New Riders Publishing, 2003. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Network Intrusion Detection Systems Essay Example | Topics and Well Written Essays - 1500 words”, n.d.)
Retrieved from https://studentshare.org/miscellaneous/1528417-network-intrusion-detection-systems
(Network Intrusion Detection Systems Essay Example | Topics and Well Written Essays - 1500 Words)
https://studentshare.org/miscellaneous/1528417-network-intrusion-detection-systems.
“Network Intrusion Detection Systems Essay Example | Topics and Well Written Essays - 1500 Words”, n.d. https://studentshare.org/miscellaneous/1528417-network-intrusion-detection-systems.
  • Cited: 0 times

CHECK THESE SAMPLES OF Network Intrusion Detection Systems

Intrusion detection systems

IDS is the short form for the intrusion detection systems.... IDS is the short form for the intrusion detection systems.... These systems basically find out the manner in which unwanted signals towards the systems are manipulated.... These systems basically find out the manner in which unwanted signals towards the systems are manipulated.... IDS thus looks at the malicious data traffic that is taking place in computer networks as well as tries its best at finding out the spots where the firewall would not play its active part and thus seize the chance of finding the loopholes that might exist within a computer and indeed the whole of the network under question....
8 Pages (2000 words) Essay

Windows Vulnerability

It is also prudent to make use of Network Intrusion Detection Systems (NIDS), which will be instrumental in analyzing the traffic (Cisco).... This bug allows an attacker to gain remote access to the target systems, meaning that they have unauthorized and uncontrolled access to an organization's… This is, primarily, due to the fact that design flaws exist when using the cipher-block chaining (CBC) approach of operation within the encryption protocols used at the transport layer....
2 Pages (500 words) Research Paper

The Solution of VPN Connection

Without a doubt, this can be problematic if an intruder has one privilege to accessing the network remotely, which allows him access to all the applications.... In this particular scenario, the frame relay network consists of a group of interconnected nodes (switches), which relay the frame relay data across the network.... Moreover, spoofing can also be conducted since an intruder can deceive the network that it recognizes a possible unauthorized access....
6 Pages (1500 words) Case Study

IDS Systems - Snort and Bro

At the present, there exist a large number of intrusion detection systems (IDS).... Some intrusion detection systems are available in the open-source environment, which makes it easier for the organizations to adopt them according to their needs.... The basic objective of this research is to provide an analysis of two open-source intrusion detection systems: Snort and Bro.... artin Roesch developed a NIDS (network intrusion detection system), which is mainly an open-source NIDS, and called as Snort....
12 Pages (3000 words) Case Study

Cyber Incident Response for Blue Moon Financial

This paper ''Cyber Incident Response for Blue Moon Financial'' discusses how I will deal with the active network intrusion attack in the company under various sub-topics.... n light of the active network intrusion incident, it important that emergency steps are taken immediately to ensure that further damage is not caused to the company.... hellip; My company has also experienced an elevated amount of port scanning and other types of reconnaissance activities showing that the network intrusion attacks have become rampant and require urgent solutions to ensure that we are not affected in a manner that will lead to the loss of information and funds to the attackers....
11 Pages (2750 words) Term Paper

The Development of Network Intrusion Detection Systems

The paper 'The Development of Network Intrusion Detection Systems' presents validating an approach against actual real-time data – an approach that addresses two major issues that have been left unattended in the development of Network Intrusion Detection Systems by previous researchers.... he research paper deals with the problems in Network Security domain, specialized in the development of intrusion detection systems.... There is a great need for highly acto gainxtremely fast processing detection systems in such a scenario....
5 Pages (1250 words) Research Paper

Stalking the Wily Hacker

Cliff Stoll, an astronomer became the systems Manager at Lawrence Berkeley lab when a high percentage accounting error alerted him of the presence of an illegal user on his system.... The hacker's code name was 'hunter' – a strange invader hiding inside an electronic labyrinth, breaking into the United States computer systems and stealing confidential military and security information....
9 Pages (2250 words) Case Study

Risk Analysis of the InSycure Computer System

From the above table, it is quite clear that Authentication and Authorization services, Environmental servers and DNS name servers, Network –modems, servers and routers, Network Intrusion Detection Systems are more critical compared to Client systems and Accounting systems.... A sample classification for assets and their prioritiesDescription of assetspriorityClient systems(Windows 2000 profession operating systems, apple computers and main frame computersEssentialAuthentication and Authorization servicesCriticalEnvironmental servers and DNS name serversCriticalNetwork –modems, servers and routers, network intrusion detection systemsCriticalAccounting (IBM Mainframe-Payroll server)EssentialThe above assets for InSysecure computer system have been identified and prioritized based on their essentiality and criticality role in the company....
8 Pages (2000 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us