Intrusion Detection: Problem, Significance Report - Analysis

Added on  2020/05/16

AI Summary
This report focuses on Intrusion Detection Systems (IDS) and their importance in maintaining network security. It begins by defining intrusion as unauthorized access to a network and highlights the increasing threat of cyberattacks. The report explores the functionality of IDS, including Network Intrusion Detection Systems (NIDS) and Host Intrusion Detection Systems (HIDS), and differentiates them from firewalls. The problem statement addresses the challenges of detecting new types of attacks and the potential for false positives. The relevance and significance section emphasizes the role of IDS in detecting and alerting administrators to malicious activities, creating signature lists, and establishing system baselines. The report concludes by reinforcing the necessity of IDS in the face of growing internet-based threats and the prioritization of proactive security measures. It underscores the use of IDS as a crucial tool for detecting and preventing various cyberattacks, providing references to support the analysis.
Running Head: INTRUSION DETECTION
INTRUSION DETECTION
PROBLEM AND SIGNIFICANCE
Table of Contents
Introduction
Problem Statement
Relevance and Significance
Conclusion
References
Introduction
Security is crucial in computer systems, and viruses are a major threat. Similarly to
viruses, an intrusion is like a worm. An intrusion is any unauthorized access that tries to
intrude on the privacy of a network and penetrates the security system as a legitimate user.

Nowadays, information is stored digitally instead of by old-style storage methods. Thus all
organizations look for security before sharing their valuable assets. It is important to keep
that valuable information safe from attackers.

An Intrusion Detection System (IDS) monitors a system or network for malicious activities.
Two popular ID systems are the Network Intrusion Detection System (NIDS) and the Host
Intrusion Detection System (HIDS). A NIDS investigates the traffic from all devices on the
network and, if any abnormal behaviour is sensed, the system administrator is alerted. A HIDS
is placed on a single host and looks for suspicious actions on that host (Barnard, R 2018).

IDS go beyond firewalls. A firewall looks for intrusions and stops them from happening; it
also limits access between networks to prevent intrusions, but it does not give an alert about
an attack in the network. An IDS, in contrast, is designed to look into the data itself and
watches for attacks that originate within the system (TechTarget, 2018). They can directly
stop OS or buffer overflows and can even look at application vulnerabilities. Intrusion
detection is basically designed to get details of what is going on in the network and further
allows or denies based on particular rules.
Problem Statement
Over the last few years, network attacks have increased, so an IDS has become a necessary
addition to the security infrastructure of most organisations. An IDS detects whether a
network is under attack or not but cannot take actions automatically to prevent the failure.
The main concern is to detect an intrusion as it happens and respond to it quickly (Beigh and
Bashir, 2013). But a problem arises when some new kind of attack occurs.

There can also be a problem if the IDS incorrectly classifies some traffic as malicious, which
can block a valid user from accessing the source. An IDS deeply investigates packets by
accessing the payload of each packet and aggregates network information.

Having security can give a feeling of being secure rather than actually being secured. Hackers
have found modern ways to attack or exploit a system, using updated tools to break into the
network. To address this, intrusion detection systems are used; they keep an eagle eye on the
system (Ashoor, 2018).

An intrusion violates confidentiality, integrity and availability; it is therefore important
to monitor events that allow unauthorised users to access resources. The goal of an IDS is to
make the system admin aware whenever an intruder penetrates the network, by taking predefined
actions like blocking of IP addresses.
Relevance and Significance
Detecting an attack is the main part of identifying incorrect behaviour. An IDS uses certain
policies to give an alert about an attack. IDS software creates a signature list of malware,
compares upcoming threats against it, and further blocks an attack if it is on the list. It
also creates a system baseline in order to locate abnormalities, that is, deviations from the
baseline. It gives the admin a way to organize and understand attacks in order to target
security control measures.
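The signature list and system baseline described above, sketched as an added Python example (not code from the report or from any IDS product). The signature patterns, host addresses, request rates and the threshold of three deviations are all constructed assumptions.

```python
import re
import statistics

# Constructed signature list (hypothetical patterns, not taken from any real ruleset).
SIGNATURES = {
    "sql-injection": re.compile(r"union\s+select", re.I),
    "path-traversal": re.compile(r"\.\./\.\./"),
}

def match_signatures(payload):
    """Return the names of all listed signatures found in the payload."""
    return [name for name, pat in SIGNATURES.items() if pat.search(payload)]

def build_baseline(history):
    """Learn (mean, standard deviation) of requests per minute for each host."""
    return {h: (statistics.mean(v), statistics.pstdev(v)) for h, v in history.items()}

def is_anomalous(baseline, host, rate, k=3.0):
    """Flag a rate more than k deviations above the host's baseline."""
    if host not in baseline:
        return True  # no baseline yet: surface the host for review
    mean, std = baseline[host]
    return rate > mean + k * max(std, 1.0)  # floor keeps near-constant hosts from alerting on noise

def inspect(events, baseline):
    """Return (host, reasons) for each event that hits a signature or leaves the baseline."""
    alerts = []
    for host, rate, payload in events:
        reasons = match_signatures(payload)
        if is_anomalous(baseline, host, rate):
            reasons.append("rate-anomaly")
        if reasons:
            alerts.append((host, reasons))
    return alerts

# Constructed sample data: past requests/minute per host, then new events to inspect.
HISTORY = {"10.0.0.5": [20, 22, 19, 21, 18], "10.0.0.9": [5, 6, 4, 5, 5]}
EVENTS = [
    ("10.0.0.5", 21, "GET /index.html"),                      # normal traffic
    ("10.0.0.9", 6, "GET /item?id=1 UNION SELECT password"),  # on the signature list
    ("10.0.0.9", 90, "POST /login user=a"),                   # no signature, rate spike
    ("10.0.0.5", 60, "GET /report.pdf"),                      # valid bulk download, still flagged
]

if __name__ == "__main__":
    for host, reasons in inspect(EVENTS, build_baseline(HISTORY)):
        print(host, reasons)
```

The rate spike with no matching signature is the case a signature list alone misses; the flagged bulk download is the kind of false positive the problem statement describes.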
IDS continuously track network traffic for network misuse or abuse of policy. They aim to
catch attackers before they do real damage to the network. Snort is a widely used intrusion
detection system which is freely available and is used to detect emerging threats. Some
detection software is open source and provides a user-friendly interface to manage security.

An IDS ensures file integrity, analyses system configurations, recognizes patterns of attack
and tracks violations. IDS technology is used to attain a high level of security. This
software application inspects access by unauthorized users and reports to the admin to stop
attacks, and several security decisions can be taken automatically.

Hence a fast and sound algorithm is needed which can sense an attack thoroughly and quickly to
secure the information of a company. IDS monitor packets transmitted over the network to keep
them from damaging the network (OpenSouce, 2107). After detecting malicious traffic, the IDS
issues a warning notification to reject the malicious packets.

It is best to stop attackers while they are still at the beachhead, before they spread
further. Prevention is ideal but detection is a must.
Conclusion
As everyone is connected to the internet, the probability of attack has increased. Resolving
this problem is the key concern for all organizations. Security teams have prioritized
stopping these attacks before they occur rather than recovering from them later on. An
Intrusion Detection System is used as a tool for detecting different attacks and concurrently
preventing them.
References
Ashoor, S (2018), 'Importance of Intrusion Detection System', International Journal of Scientific Engineering Research, pp. 1-7.
Barnard, R (2018), Intrusion Detection Systems, Gulf Professional.
Beigh and Bashir (2013), 'Intrusion Detection and Prevention System', International Journal of Computer Applications, vol. 76, pp. 26-30.
OpenSouce (2107), Intrusion detection system (IDS), viewed 25 January, <http://opensourceforu.com/2011/01/importance-of-intrusion-prevention-systems/>.
TechTarget (2018), Intrusion detection system (IDS), viewed 25 January, <http://searchsecurity.techtarget.com/definition/intrusion-detection-system>.