Historically, firewall software and access control were the most crucial elements used to protect servers, hosts and computer networks. Today, intrusion detection systems (IDSs) are gaining attention and their use is growing. This dissertation discusses commercial IDSs and the future path of these systems. A model and a taxonomy for IDSs, and the technologies behind intrusion detection, are introduced. Numerous difficulties currently affect the effective use of intrusion detection systems. Confidence in the alerts that IDSs generate is decreasing in proportion to critical issues such as false positives. By researching IDS technologies and examining interviews carried out with security departments at banks, this dissertation pinpoints the main issues in IDSs today. The identified concerns, together with recent IDS research reports, are used to suggest the future direction of commercial intrusion detection systems…
Contents: Intrusion Detection Systems: Technologies, Weaknesses and Trends
1 INTRODUCTION
1.1 BACKGROUND
1.2 METHODOLOGY
1.2.1 Research
1.2.2 Interviews
1.3 DOCUMENT OUTLINE
1.4 TARGET AUDIENCE
2 COMPUTER SECURITY BACKGROUND
2.1 A SECURE COMPUTER SYSTEM
2.2 TRADITIONAL COMPUTER SECURITY
2.3 THREATS
2.3.1 External Penetration
2.3.2 Internal Penetration
2.3.3 Misfeasance
2.4 VULNERABILITIES
2.4.1 Design
2.4.2 Management
2.4.3 Trust
2.5 ATTACKS
3 INTRUSION DETECTION BACKGROUND
3.1 BASIC IDS TERMINOLOGY
3.2 AN IDS-MODEL
3.2.1 Audit Source
3.2.2 Collector
3.2.3 Analyzer
3.2.4 Response Unit
3.2.5 Policy Rules
3.2.6 Event Database
3.3 TAXONOMY
3.3.1 Audit Source Location
3.3.2 Detection Method
3.3.3 Behaviour on Detection
3.3.4 Usage Frequency
3.3.5 Detection Paradigm
4 IDS TODAY
4.1 AUDIT SOURCE LOCATION
4.1.1 Network Packets
4.1.2 Host and Application Log Files
4.1.3 System and API Calls
4.1.4 IDS Sensor Alerts
4.2 DETECTION METHODS
4.2.1 Knowledge-based
4.2.2 Behaviour-based
4.3 BEHAVIOUR ON DETECTION
4.3.1 Passive Response
4.3.2 Reactive Response
4.3.3 Proactive Response
4.3.4 Post Processing
4.4 USAGE FREQUENCY
4.5 DETECTION PARADIGM
5 PROBLEMS AND CHALLENGES
5.1 AUDIT SOURCE LOCATION
5.1.1 Network Packets
5.1.2 Host and Application Log Files
5.1.3 System and API Calls
5.1.4 IDS Sensor Alerts
5.2 DETECTION METHOD
5.2.1 Knowledge-based
5.2.2 Behaviour-based
5.3 BEHAVIOUR ON DETECTION
5.3.1 Passive Alerting
5.3.2 Reactive Response
5.3.3 Proactive Response
5.4 USAGE FREQUENCY
5.5 DETECTION PARADIGM
6 RESULT OF THE INTERVIEWS
6.1 THE USE OF IDS TODAY
6.2 IDENTIFIED PROBLEMS AND THE FUTURE OF IDS
6.3 CONCLUSION
7 RECENT RESEARCH ADVANCES
7.1 DETECTION METHODS
7.1.1 Knowledge-based
7.1.2 Behaviour-based
7.2 LEARNING NEW ATTACKS
7.3 ATTACK PATTERNS
7.4 TESTING IDSS
7.5 PERFORMANCE ISSUES
7.6 BENEFITS OF NIDS
7.7 CONCLUSIONS…
Source: Linköping University