BY
M.SUDHEER REDDY
AGENDA
• INTRODUCTION
• TYPES OF IDS
• NETWORK INTRUSION DETECTION SYSTEM
• HOW DOES IT PROTECT THE SENSITIVE SYSTEM
• WORKING OF NIDS
• DIFFERENCES BETWEEN NIDS AND FIREWALL
• MISUSE DETECTION SYSTEMS
• NEW ARCHITECTURE
• IMPLEMENTED APPROACHES
• ADVANTAGES AND DISADVANTAGES
• CONCLUSION
INTRODUCTION
• An intrusion is somebody attempting to break into or misuse your system.
• An intrusion detection system (IDS) is a device (or application) that monitors network and/or system activities for malicious activities or policy violations.
TYPES OF INTRUSION DETECTION SYSTEM
• Intrusion detection systems are categorized into two types:
   a) Network intrusion detection system (NIDS)
   b) Host-based intrusion detection system (HIDS)
NETWORK INTRUSION DETECTION SYSTEM (NIDS)
• A network-based IDS, or NIDS, resides on a computer or appliance connected to a segment of an organization's network and monitors network traffic on that network.
• In a network-based intrusion detection system (NIDS), the sensors are located at choke points in the network to be monitored, often in the demilitarized zone (DMZ) or at network borders.
HOW DOES NIDS PROTECT SENSITIVE MATERIALS
• A Network Intrusion Detection System (NIDS) performs the same function as a sophisticated alarm system.
• NIDS observes and alerts. It will not affect network performance. NIDS maintains a database, updated daily, that contains a history of nearly a decade's worth of documented attack attempts, and detects similarities to them.
WORKING OF NIDS
HUBS:
• The NIDS device connects to a network hub or a switch that connects to the network router or firewall. All traffic passing to or from the customer is inspected by the NIDS device.
TAP:
• The network tap is another approach to allowing the NIDS to see all the traffic on a switched network.
• A tap is similar in function to a phone tap. The tap will typically look like a 3-port switch: Port 1 will attach to Switch 1, Port 2 will attach to Switch 2, and Port 3 will attach to the NIDS.
SPAN PORT:
• Another popular option for adding a sniffer of any type to a network is the use of a span port on the switch being monitored.
• A span port is a port that is configured to have a copy of all packets sent to it.
• The major disadvantage of spanning ports is that they can have a detrimental effect on other traffic traversing the switch.
INLINE NIDS:
• The final option is an inline NIDS. An inline NIDS looks essentially like a bridge.
• The NIDS will be configured without an IP address so that it will not respond to any traffic.
• The IPS will simply accept traffic on one NIC and pass it back out unchanged on a second NIC, like a bridge.
TYPES OF DETECTION METHODS:
• The two types of detection methods are:
   a) Anomaly detection model
   b) Signature detection model
ANOMALY DETECTION MODEL:
• One IDS methodology is an approach called anomaly detection or behavior-based detection.
• This model works by establishing accepted baselines or rules and noting exceptional differences.
• If an IDS looks only at network packet headers for differences, it is called protocol anomaly detection.
• This model triggers when the following events occur:
   a) Unusual user account activity
   b) Excessive file and object accesses
   c) High CPU utilization
   d) Inappropriate protocol use
   e) Unusual login frequency
   f) High number of sessions
   g) Unusual content
Anomaly Detection:
Advantages:
• Analyzes ongoing traffic, activity, transactions, and behavior for anomalies.
• Potential to detect previously unknown types of attacks.
• Catalogs the differences between baseline behavior and ongoing activity.
Disadvantages:
• Prone to false positives.
• Heavy processing overhead.
• Vulnerable to attack while creating time-consuming, statistically significant baselines.
Signature detection model:
• The defined patterns of code are called signatures and are often treated as a rule when included in an IDS.
• Signature-based IDS use a database of traffic and activity patterns related to known attacks. The patterns are called attack signatures.
• These signatures and rules can be collected together into larger sets called signature databases or rule sets.
Advantages:
• Examines ongoing activity and matches against patterns of previously observed attacks.
• Works extremely well against previously observed attacks.
Disadvantages:
• Signature databases must be constantly updated.
• Must compare and match activities against large collections of attack signatures.
• Specific signature definitions may miss variations on known attacks.
• May impose noticeable performance drags on systems.
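The two detection models above, run side by side on the same traffic, as an added Python example that is not part of the original slides. The rule names, the `ExampleScanner` banner, the session counts and the 3-sigma threshold are all constructed assumptions chosen to show the trade-offs listed: a signature misses a variation, and a baseline catches an unknown burst but also flags a legitimate one.

```python
import re
import statistics

# Constructed signature set (hypothetical rules, not taken from any real rule set).
SIGNATURES = {
    "scanner-banner": re.compile(r"User-Agent: ExampleScanner/1\.0"),
    "legacy-probe-path": re.compile(r"GET /example-probe\.cgi"),
}


def match_signatures(payload):
    """Signature model: names of every rule whose pattern occurs in the payload."""
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(payload))


class SessionBaseline:
    """Anomaly model: learn normal sessions-per-minute, flag large deviations."""

    def __init__(self, training_counts, threshold=3.0):
        if len(training_counts) < 2:
            raise ValueError("need at least two training samples")
        self.mean = statistics.mean(training_counts)
        # Floor the deviation so a perfectly flat baseline cannot divide by zero.
        self.stdev = max(statistics.stdev(training_counts), 1.0)
        self.threshold = threshold

    def score(self, count):
        """Distance from the baseline mean, in standard deviations."""
        return (count - self.mean) / self.stdev

    def is_anomalous(self, count):
        return abs(self.score(count)) > self.threshold


def analyse(events, baseline):
    """Run both models over (label, payload, sessions_per_minute) events."""
    results = {}
    for label, payload, sessions in events:
        results[label] = {
            "signatures": match_signatures(payload),
            "anomalous": baseline.is_anomalous(sessions),
        }
    return results


# Constructed training window: sessions per minute during normal operation.
TRAINING = [18, 22, 20, 19, 21, 23, 20, 17, 22, 18]

# Constructed events: (label, captured payload, sessions per minute at that time).
EVENTS = [
    # Previously observed attack: the signature fires, traffic volume is normal.
    ("known_attack", "GET / HTTP/1.1\r\nUser-Agent: ExampleScanner/1.0", 21),
    # Variation on the known attack: the exact-match signature misses it.
    ("variant", "GET / HTTP/1.1\r\nUser-Agent: ExampleScanner/1.1", 20),
    # Unknown activity with no signature: only the baseline notices it.
    ("unknown_burst", "GET /index.html HTTP/1.1\r\nUser-Agent: client", 140),
    # Legitimate but unusual load: the baseline raises a false positive.
    ("nightly_backup", "GET /export HTTP/1.1\r\nUser-Agent: backup-agent", 95),
    ("normal", "GET /index.html HTTP/1.1\r\nUser-Agent: browser", 19),
]


def run_demo():
    """Analyse the constructed events against a baseline built from TRAINING."""
    return analyse(EVENTS, SessionBaseline(TRAINING))


if __name__ == "__main__":
    for label, verdict in run_demo().items():
        print(f"{label:15} signatures={verdict['signatures']} "
              f"anomalous={verdict['anomalous']}")
```
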
Misuse Detection:
• Expert Systems
• Keystroke monitoring
• Model Based Intrusion Detection
NEW ARCHITECTURE
• Mobile IDS Agents
   - The Local Audit Trail
   - The Local Intrusion Database (LID)
   - The Secure Communication Module
   - The Anomaly Detection Modules (ADMs)
   - The Misuse Detection Modules (MDMs)
• Stationary Secure Database
IMPLEMENTED APPROACHES
• IEEE 802.11
   a) Open System Authentication
   b) Shared Key Authentication
• Secure key generation and distribution
• Mitigating Routing Misbehavior (Sergio Marti et al. [19])
ADVANTAGES:
• Monitors an entire network with only a few well-placed nodes.
• Mostly passive devices.
• Low overhead, and a limited number of resources are used even in a large network.
• Easy to secure against attack.
• Mostly undetectable to attackers or intruders because they are completely hidden in the network.
• Easy to install.
• NIDS can be used in present networks without interrupting conventional network operations.
DISADVANTAGES:
• May not be able to monitor and analyze all traffic on large, busy networks.
• Vulnerable to attacks launched during peak traffic periods on large, busy networks.
• Not able to monitor switch-based (high-speed) networks effectively.
• Typically unable to analyze encrypted data; not suitable for encrypted traffic.
• Does not always report success or failure of attempted attacks.
• Requires active manual involvement by network administrators or security administrators.
CONCLUSION:
• As NIDS technologies continue to evolve, they will more closely resemble their real-world counterparts. In the future, NIDS, firewalls, VPNs, and related security technologies will all come to interoperate to a much higher degree. The current generation of IDS (HIDS and NIDS) is quite effective already; as they continue to improve they will become the backbone of the more flexible security systems we expect to see in the not-too-distant future.
QUERIES…????
Intrusion detection system

 
Radically Outperforming DynamoDB @ Digital Turbine with SADA and Google Cloud
Radically Outperforming DynamoDB @ Digital Turbine with SADA and Google CloudRadically Outperforming DynamoDB @ Digital Turbine with SADA and Google Cloud
Radically Outperforming DynamoDB @ Digital Turbine with SADA and Google Cloud
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
 
Ubuntu Server CLI cheat sheet 2024 v6.pdf
Ubuntu Server CLI cheat sheet 2024 v6.pdfUbuntu Server CLI cheat sheet 2024 v6.pdf
Ubuntu Server CLI cheat sheet 2024 v6.pdf
 
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdfLee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
 
Move Auth, Policy, and Resilience to the Platform
Move Auth, Policy, and Resilience to the PlatformMove Auth, Policy, and Resilience to the Platform
Move Auth, Policy, and Resilience to the Platform
 
New ThousandEyes Product Features and Release Highlights: June 2024
New ThousandEyes Product Features and Release Highlights: June 2024New ThousandEyes Product Features and Release Highlights: June 2024
New ThousandEyes Product Features and Release Highlights: June 2024
 
ScyllaDB Topology on Raft: An Inside Look
ScyllaDB Topology on Raft: An Inside LookScyllaDB Topology on Raft: An Inside Look
ScyllaDB Topology on Raft: An Inside Look
 
EverHost AI Review: Empowering Websites with Limitless Possibilities through ...
EverHost AI Review: Empowering Websites with Limitless Possibilities through ...EverHost AI Review: Empowering Websites with Limitless Possibilities through ...
EverHost AI Review: Empowering Websites with Limitless Possibilities through ...
 
The Strategy Behind ReversingLabs’ Massive Key-Value Migration
The Strategy Behind ReversingLabs’ Massive Key-Value MigrationThe Strategy Behind ReversingLabs’ Massive Key-Value Migration
The Strategy Behind ReversingLabs’ Massive Key-Value Migration
 
From NCSA to the National Research Platform
From NCSA to the National Research PlatformFrom NCSA to the National Research Platform
From NCSA to the National Research Platform
 
CNSCon 2024 Lightning Talk: Don’t Make Me Impersonate My Identity
CNSCon 2024 Lightning Talk: Don’t Make Me Impersonate My IdentityCNSCon 2024 Lightning Talk: Don’t Make Me Impersonate My Identity
CNSCon 2024 Lightning Talk: Don’t Make Me Impersonate My Identity
 
Chapter 1 - Fundamentals of Testing V4.0
Chapter 1 - Fundamentals of Testing V4.0Chapter 1 - Fundamentals of Testing V4.0
Chapter 1 - Fundamentals of Testing V4.0
 
Leveraging AI for Software Developer Productivity.pptx
Leveraging AI for Software Developer Productivity.pptxLeveraging AI for Software Developer Productivity.pptx
Leveraging AI for Software Developer Productivity.pptx
 
An Introduction to All Data Enterprise Integration
An Introduction to All Data Enterprise IntegrationAn Introduction to All Data Enterprise Integration
An Introduction to All Data Enterprise Integration
 
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time MLMongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
 
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
 

Intrusion detection system

  • 2.
  • 3. AGENDA: INTRODUCTION; TYPES OF IDS; NETWORK INTRUSION DETECTION SYSTEM; HOW DOES IT PROTECT THE SENSITIVE SYSTEM; WORKING OF NIDS; DIFFERENCES BETWEEN NIDS AND FIREWALL
  • 4. MISUSE DETECTION SYSTEMS; NEW ARCHITECTURE; IMPLEMENTED APPROACHES; ADVANTAGES AND DISADVANTAGES; CONCLUSION
  • 5. INTRODUCTION: An intrusion is somebody attempting to break into or misuse your system. An intrusion detection system (IDS) is a device (or application) that monitors network and/or system activities for malicious activities or policy violations.
  • 6. TYPES OF INTRUSION DETECTION SYSTEM: Intrusion detection systems are categorized into two types: a) Network intrusion detection system (NIDS) b) Host-based intrusion detection system (HIDS)
  • 7. NETWORK INTRUSION DETECTION SYSTEM (NIDS): A network-based IDS or NIDS resides on a computer or appliance connected to a segment of an organization's network and monitors network traffic on that network. In a network-based intrusion detection system (NIDS), the sensors are located at choke points in the network to be monitored, often in the demilitarized zone (DMZ) or at network borders.
  • 8. HOW DOES NIDS PROTECT SENSITIVE MATERIALS: A Network Intrusion Detection System (NIDS) performs the same function as a sophisticated alarm system. NIDS observes and alerts. It will not affect network performance. NIDS maintains a database, updated daily, that contains a history of nearly a decade's worth of documented attack attempts, and detects similarities to them.
  • 9. WORKING OF NIDS. HUBS: The NIDS device connects to a network hub or a switch that connects to the network router or firewall. All traffic passing to or from the customer is inspected by the NIDS device.
  • 10. TAP: The network tap is another approach to allowing the NIDS to see all the traffic on a switched network. A tap is similar in function to a phone tap. The tap will typically look like a 3-port switch: Port 1 will attach to Switch 1, Port 2 will attach to Switch 2, and Port 3 will attach to the NIDS.
  • 11. SPAN PORT: Another popular option for adding a sniffer of any type to a network is the use of a span port on the switch being monitored. A span port is a port that is configured to have a copy of all packets sent to it. The major disadvantage of spanning ports is that they can have a detrimental effect on other traffic traversing the switch.
  • 12. The final option is an inline NIDS. An inline NIDS looks essentially like a bridge. The NIDS will be configured without an IP so that it will not respond to any traffic. The IPS will simply accept traffic on one NIC and pass it back out unchanged on a second NIC, like a bridge.
  • 13. TYPES OF DETECTION METHODS: Two types of detection methods are: a) Anomaly detection model b) Signature detection model. ANOMALY DETECTION MODEL: One IDS methodology is an approach called anomaly detection or behavior-based detection. This model works by establishing accepted baselines or rules and noting exceptional differences.
  • 14. If an IDS looks only at network packet headers for differences, it is called protocol anomaly detection. This model triggers when the following events occur: a) Unusual user account activity b) Excessive file and object accesses c) High CPU utilization d) Inappropriate protocol use e) Unusual login frequency f) High number of sessions g) Unusual content
  • 16. Advantages: Analyzes ongoing traffic, activity, transactions, and behavior for anomalies. Potential to detect previously unknown types of attacks. Catalogs the differences between baseline behavior and ongoing activity. Disadvantages: Prone to false positives. Heavy processing overhead. Vulnerable to attack while creating time-consuming, statistically significant baselines.
  • 17. Signature detection model: The defined patterns of code are called signatures and are often treated as a rule when included in an IDS. Signature-based IDS use a database of traffic and activity patterns related to known attacks. The patterns are called attack signatures. These signatures and rules can be collected together into larger sets called signature databases or rule sets.
  • 18. Advantages: Examines ongoing activity and matches against patterns of previously observed attacks. Works extremely well against previously observed attacks. Disadvantages: Signature databases must be constantly updated. Must compare and match activities against large collections of attack signatures. Specific signature definitions may miss variations on known attacks. May impose noticeable performance drags on systems.
  • 19. Misuse Detection: Expert Systems; Keystroke monitoring; Model Based Intrusion Detection
  • 20. NEW ARCHITECTURE: Mobile IDS Agents; The Local Audit Trail; The Local Intrusion Database (LID); The Secure Communication Module; The Anomaly Detection Modules (ADMs); The Misuse Detection Modules (MDMs); Stationary Secure Database
  • 21.
  • 22. IMPLEMENTED APPROACHES: IEEE 802.11: a) Open System Authentication. b) Shared Key Authentication. Secure key generation and distribution. Mitigating Routing Misbehavior (Sergio Marti et al. [19])
  • 23. ADVANTAGES: Monitors an entire network with only a few well-placed nodes. Mostly passive devices. Low overhead, and a limited number of resources are used even in a large network. Easy to secure against attack. Mostly undetectable to attackers or intruders because they are completely hidden in the network. Easy to install. NIDS can be used in present networks without interrupting conventional network operations.
  • 24. DISADVANTAGES: May not be able to monitor and analyze all traffic on large, busy networks. Vulnerable to attacks launched during peak traffic periods on large busy networks. Not able to monitor switch-based (high-speed) networks effectively. Typically unable to analyze encrypted data, so not suitable for encrypted traffic. Does not always report success or failure of attempted attacks. Requires active manual involvement by network administrators or security administrators.
  • 25. CONCLUSION: As NIDS technologies continue to evolve, they will more closely resemble their real-world counterparts. In the future, NIDS, firewalls, VPNs, and related security technologies will all come to interoperate to a much higher degree. The current generation of IDS (HIDS and NIDS) is quite effective already; as they continue to improve they will become the backbone of the more flexible security systems we expect to see in the not-too-distant future.
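
The two detection models from slides 13 to 18, as an added Python example that is not part of the original slides: a signature matcher run with and without input normalization (a literal signature misses an encoded variation of a known pattern), and a baseline check on sessions per minute that also flags a legitimate busy minute (a false positive). The rule names, requests, session counts and the 3-standard-deviation threshold are constructed assumptions.

```python
import re
import statistics
from urllib.parse import unquote

# Constructed rule set (hypothetical rule names, not taken from any real IDS).
SIGNATURES = {
    "dir-traversal": re.compile(r"\.\./"),
    "sql-union": re.compile(r"union\s+select"),
}

def signature_match(payload, normalize=True):
    """Return the sorted names of the signatures found in the payload."""
    text = unquote(payload).lower() if normalize else payload
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(text))

def build_baseline(samples):
    """Baseline = mean and sample standard deviation of sessions per minute."""
    return statistics.mean(samples), statistics.stdev(samples)

def is_anomalous(value, baseline, threshold=3.0):
    """Flag values more than `threshold` standard deviations above the mean."""
    mean, stdev = baseline
    return (value - mean) / stdev > threshold

# Constructed sample data.
REQUESTS = [
    "GET /index.html",
    "GET /download?file=../../etc/passwd",
    "GET /download?file=..%2F..%2Fetc/passwd",  # encoded variation of the line above
]
BASELINE_SESSIONS = [12, 15, 11, 14, 13, 16, 12, 14]  # normal sessions per minute
OBSERVED_SESSIONS = [13, 20, 95]  # 20 = legitimate busy minute, 95 = session flood

def run():
    naive = [signature_match(r, normalize=False) for r in REQUESTS]
    normalized = [signature_match(r) for r in REQUESTS]
    baseline = build_baseline(BASELINE_SESSIONS)
    anomalies = [v for v in OBSERVED_SESSIONS if is_anomalous(v, baseline)]
    return naive, normalized, anomalies

if __name__ == "__main__":
    for label, result in zip(("naive", "normalized", "anomalies"), run()):
        print(label, result)
```

Decoding and lowercasing the input before matching closes this particular gap in the signature model; raising the anomaly threshold would drop the false positive at the cost of sensitivity.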