Question

In: Computer Science

Describe and explain the advantages and disadvantages of network-based and host-based intrusion detection categories.

Solutions

Expert Solution

Some of the advantages of host-based intrusion detection are:

  • Host-based intrusion detection systems are able to verify whether an attack was successful or not, whereas a network-based IDS is capable only of giving an alert of the attack.
  • They monitor all the users’ activities, which is not available in a network-based system.
  • They provide the capability of identifying attacks that originate from inside the host.
  • Host-based IDS can analyze and profile the decrypted traffic to find attack signatures, thus giving them the ability to monitor encrypted traffic.
  • Host-based IDS do not need any extra hardware since they can be installed on the existing servers.
  • Host-based IDS are very cheap for a small-sized network.

Disadvantages:

  • The host-based IDS can be compromised if the host server is under attack.
  • They need extra computation power from the host where they reside.
  • They are ineffective during DDoS attacks.

Advantages of network-based IDS are:

  • They can be tuned to specific content in network packets.
  • They can look at data in the context of the protocol.
  • They can qualify and quantify attacks.
  • They make it easier to keep up with regulation.

Disadvantages are:

  • They will not prevent incidents by themselves.
  • An experienced engineer is needed to administer them.
  • They do not process encrypted packets.
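
The contrast between "verifying whether an attack was successful" on the host and "only giving an alert" on the network can be seen by correlating the two views of an SSH password-guessing attempt. This is an added example, not part of the original answer; the flow records, log lines, thresholds and function names are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample data, not taken from the page.
# Network view: SSH is encrypted, so the sensor sees only flow metadata
# as (source IP, destination port, new connections in 60 s).
NIDS_FLOWS = [("203.0.113.7", 22, 40), ("198.51.100.9", 22, 35), ("192.0.2.15", 22, 2)]
# Host view: sshd lines in the usual OpenSSH syslog wording.
HOST_AUTH_LOG = """\
Jan 10 03:12:01 web1 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
Jan 10 03:12:03 web1 sshd[811]: Failed password for root from 203.0.113.7 port 50124 ssh2
Jan 10 03:12:05 web1 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 50126 ssh2
Jan 10 03:12:09 web1 sshd[811]: Accepted password for root from 203.0.113.7 port 50130 ssh2
Jan 10 03:13:10 web1 sshd[902]: Failed password for root from 198.51.100.9 port 41000 ssh2
Jan 10 03:13:12 web1 sshd[902]: Failed password for root from 198.51.100.9 port 41002 ssh2
Jan 10 03:13:14 web1 sshd[902]: Failed password for root from 198.51.100.9 port 41004 ssh2
Jan 10 09:00:00 web1 sshd[990]: Accepted password for alice from 192.0.2.15 port 60000 ssh2
"""
AUTH_RE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port \d+")

def nids_alerts(flows, threshold=20):
    """Network sensor: flag sources opening many SSH connections; outcome unknown."""
    return {src for src, port, count in flows if port == 22 and count >= threshold}

def hids_verdicts(log_text, min_failures=3):
    """Host sensor: classify each source from the authentication result it logged."""
    failures, verdicts = defaultdict(int), {}
    for line in log_text.splitlines():
        m = AUTH_RE.search(line)
        if not m:
            continue
        outcome, _user, src = m.groups()
        if outcome == "Failed":
            failures[src] += 1
            if failures[src] >= min_failures:
                verdicts.setdefault(src, "attempted")
        elif failures[src] >= min_failures:
            verdicts[src] = "succeeded"  # login accepted after repeated failures
    return verdicts

def correlate(flows, log_text):
    """Attach the host's verdict to every network alert."""
    host = hids_verdicts(log_text)
    return {src: host.get(src, "unverified") for src in sorted(nids_alerts(flows))}

if __name__ == "__main__":
    for src, verdict in correlate(NIDS_FLOWS, HOST_AUTH_LOG).items():
        print(f"{src}: NIDS alert, host says {verdict}")
```

Both noisy sources raise the same network alert; only the host log separates the one that ended in an accepted login from the one that did not.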

