Question

In: Computer Science

Hello, need this answered. thanks ​In IDS, what is the difference between anomaly based monitoring and...

Hello, need this answered. thanks

​In IDS, what is the difference between anomaly based monitoring and signature based monitoring?

Solutions

Expert Solution

The names of both the types of monitoring are pretty good indicators of how they work. The signature based montoring is used for monitoring the types of attacks that are already known. In this system we have a list of known indicators of compromise. It looks at this list and detects the attacks by looking for the specific instructions or behavior that were used for past attacks. However the disadvantage of this type of monitoring is that it cannot detect new types of attacks. Also it requires frequent updations as new types of attacks become known.

The anomaly based monitoring is designed to overcome the limitations of the signature based monitoring of updations and the failure to detect new types of attack. It is trained on what is supposed to be a normal behavior and thus anything unusual in the system will be treated as threat. Though it can provide protection against new attacks, it has the disadvantage that it tends to give too many false positives.

venereology answered 1 week ago
Next > < Previous

Related Solutions

Firewall and IDS: What’s the difference between IDS and Firewall? What is promiscuous mode in IDS?...
Firewall and IDS: What’s the difference between IDS and Firewall? What is promiscuous mode in IDS? What is in-line mode in IDS? When is appropriate to use one or the other in your network? Visit some firewall & IDS vendors’ site such as Palo Alto Networks, Check Point, Cisco, etc., and select product(s) suitable for your project. Justify your selection.
What is the difference between eschar and slough? Thanks!
What is the difference between eschar and slough? Thanks!
need a detailed answer so much. Thanks a lot! The question is: "Describe the difference between...
need a detailed answer so much. Thanks a lot! The question is: "Describe the difference between diffraction and dispersion, by discussing the different physical processes (for example refraction) that give rise to the two phenomena."
I only need the table (sample market share and difference) thanks! Based on sales over a...
I only need the table (sample market share and difference) thanks! Based on sales over a six-month period, the five top-selling compact cars are Chevy Cruze, Ford Focus, Hyundai Elantra, Honda Civic, and Toyota Corolla (Motor Trend, November 2, 2011). Based on total sales, the market shares for these five compact cars were Chevy Cruze 24%, Ford Focus 21%, Hyundai Elantra 20%, Honda Civic 18%, and Toyota Corolla 17%. A sample of 400 compact car sales in Chicago showed the...
Hello I need this written in C# with a few comments thanks Modify the Patient class...
Hello I need this written in C# with a few comments thanks Modify the Patient class to reference a demographic object that contains the patient phone number, email and next of kin. Create a demographic class to store this information. Make sure to create a constructor in the class for this information. Modify the Patient constructor to pass in this additional information at the time of instantiation. Modify the display method to display all the data HERE IS THE CODE...
What is the difference between positive and negative reinforcement? Is there a need to distinguish between...
What is the difference between positive and negative reinforcement? Is there a need to distinguish between the two? If so, what is the practicality of distinguishing the two forms of reinforcement? If not, what would be saved by eliminating the distinction?
what is the difference between commodity based products and value based products?
what is the difference between commodity based products and value based products?
Hello, I need a summary of the article below. Thanks Why Selfies Do More Harm Than...
Hello, I need a summary of the article below. Thanks Why Selfies Do More Harm Than Good Robert Locke Guess one reason why aliens do not want to visit planet Earth. An obvious one is that the whole planet is addicted to posting selfies on the Internet, so aliens would hardly get a look in! Yesterday morning, a major Italian daily newspaper, which is supposed to be a quality paper, published a selfie of the ex Pope Benedict XVI. It...
Hello, would you please show me what is the difference between throat , pharynx, and larynx...
Hello, would you please show me what is the difference between throat , pharynx, and larynx ? it is so hard for me to know what is exactly throat means. Thank you!
Please provide a thorough explanation. thanks ...What is the difference between transactions and economic exposure? Which...
Please provide a thorough explanation. thanks ...What is the difference between transactions and economic exposure? Which can be hedge more easily?
ADVERTISEMENT
Subjects
ADVERTISEMENT
Latest Questions
ADVERTISEMENT