Rule Definition For Anomaly Based Intrusion Detection

    Date: 27 Jan 2003
    Posted By: Anthony Pell
    Intrusion Detection Systems are one of the fastest growing technologies in the security space. Unfortunately, many companies find them hard to put to use because of the complexity of deployment and/or a lack of information about their possible use. This document should help security experts, integrators, or end customers use their IDS to its limits or fit it to the expectations of the company.

    The market is currently filled with rule-based IDS solutions that aim to detect already known attacks by analyzing traffic flow and looking for known signatures. As a result, such an IDS is under constant construction, with attack signatures being updated and modified, and a considerable amount has to be paid for support.

    On the other hand, it is possible to use anomaly-based IDS solutions, which detect not just known attacks but also unknown attacks, and which inform network engineers about possible network problems or help to troubleshoot them.
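The contrast between the two approaches, as an added example that is not part of the original article or the document it links to: a signature matcher and a learned per-host profile run over the same flows. The flow records, addresses, the single signature and the z-score threshold are all constructed assumptions.

```python
import re
import statistics

# Constructed sample flows: (src, dst_port, bytes_sent, payload)
BASELINE = [
    ("10.0.0.5", 80, 510, "GET /index.html"),
    ("10.0.0.5", 80, 495, "GET /about.html"),
    ("10.0.0.5", 443, 530, ""),
    ("10.0.0.5", 80, 505, "GET /news.html"),
    ("10.0.0.5", 443, 520, ""),
]
LIVE = [
    ("10.0.0.5", 80, 500, "GET /index.html"),          # normal traffic
    ("10.0.0.5", 8080, 515, "GET /../../etc/passwd"),  # matches a known signature
    ("10.0.0.5", 6667, 48000, ""),                     # no signature exists for this
]

# Signature approach: a hand-maintained list of known-bad patterns.
SIGNATURES = {"path-traversal": re.compile(r"\.\./")}

def signature_alerts(flows):
    return [(i, name) for i, f in enumerate(flows)
            for name, rx in SIGNATURES.items() if rx.search(f[3])]

def learn_profile(flows):
    """Build a per-source profile of normal behaviour from clean traffic."""
    profile = {}
    for src, port, size, _ in flows:
        p = profile.setdefault(src, {"ports": set(), "sizes": []})
        p["ports"].add(port)
        p["sizes"].append(size)
    return profile

def anomaly_alerts(flows, profile, z_limit=3.0):
    """Flag flows that deviate from the learned profile; no attack list needed."""
    alerts = []
    for i, (src, port, size, _) in enumerate(flows):
        p = profile.get(src)
        if p is None:
            alerts.append((i, "unknown-source"))
            continue
        if port not in p["ports"]:
            alerts.append((i, "new-port"))
        mean, sd = statistics.mean(p["sizes"]), statistics.pstdev(p["sizes"])
        if sd and abs(size - mean) / sd > z_limit:
            alerts.append((i, "unusual-volume"))
    return alerts
```

The quality of the anomaly alerts depends entirely on the baseline being clean and representative; anything malicious present while the profile is learned becomes part of "normal".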
