Essay Available:
You are here: Home → Essay → Literature & Language
Pages:
10 pages/≈2750 words
Sources:
3 Sources
Level:
MLA
Subject:
Literature & Language
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 36
Topic:
A Bout The System Of Monitoring The Software Network (Essay Sample)
Instructions:
The essay is a bout the system of monitoring the software network
source..Content:
Name
Tutor
Course
Date
Intrusion Detection System
An (IDS) is an application that uses software that is used to monitor a network so that it can detect any activity that is malicious. If a malicious activity or any form of violation is detected, the information is immediately relayed to an administrator, or it is centrally collected. The collection is done using a system called security management and information (SIEM).The SIEM system makes use of a combination of outs that come from several sources and using the techniques called alarm system to differentiate an activity that is malicious and the alarms that are false. The IDS are of different spectrum that ranges from the software for the antivirus to the systems that monitor the traffic of the whole backbone network. The two most common categories of the IDS are the network intrusion system and the intrusion system that is host-based. (Abdullah 60).
Any system that monitors the necessary files for operating systems is an example of HIDS and the System That Does the Analysis of the network traffic that is incoming is an example of NIDS.Another form of classifying IDS is through the use of the method of detection. Under this category, there are the detectors that use the signature to do the detection. They can detect and recognize the bad patterns such as the malware. The other group is the one that detects anomalies (anomaly-based detection).They can detect any deviations from the normal traffic model. They rely on the machine learning. A few NIDS can respond immediately to the intrusions that have been detected. The systems that have the ability to respond are referred to as the intrusion prevention systems (Abdullah 62).
NIDS are placed at points that are strategic so that they can monitor the to and fro traffic flow of all the devices that are within the network. It analyses the who traffic that passes through the whole subnet. It then tries to match the traffic that is moving to the subnets to the library comprising of the known attacks. The moment a behavior that is abnormal or an attack is identified, the alert will automatically be sent to the administrator. The most commonly used tools for the simulation of the NIDS are the OPNET and Netsim.The have the ability to compare signatures packets so that it create a link and then drop the harmful packets that have been detected if they have a signature that matches the library records in the NIDS.If the NIDS are classified according to the interactivity of the system, there are 2 types namely: The online which deals with the network immediately an abnormality is detected. It analyses the Ethernet packets and using the program rules that are set; it is able to decipher whether it is an attack or not. The offline DIDS deals with the data that is stored and takes it through certain processes to make a decision whether it is an attack or not.
The Intrusion Prevention System (IPS)
This is a technology that is used to prevent to prevent any threats to the network. It examines how the network flows and with the aim of detecting and preventing any vulnerabilities. The vulnerability in exploits comes through the introduction of a malicious input to the application that is targeted. It prevents the inputs that are malicious which are used by hackers with the aim of gaining control of a machine. The hacker is able to render the application useless because it cannot be used if he/she manages to penetrate the system that is the target successfully. This will result in the machine or application losing its service. Sometimes, the attacker can access all the information that the application that the targeted has been compromised has. The HIDS operate on individual devices on the network. This only does the monitoring of outbound and outbound packets from only the device. It will make the user aware if anything that is suspicious is detected. If for instance, the vital files were either deleted or modified, the administrator will be alerted to do an investigation. HIDS are commonly seen on the machines that are mission critical whose configurations are not expected to be changed. The IDS can also be made to be system specific if the custom tools are used. ( Harold and Micki 993).
The IPS is placed just directly behind the fireball so that it can provide a layer of analysis that is complementary against any dangerous content. The IPS is inline and active whereby it is in the direct communication between the destination and source. It is always actively doing an analysis as it takes actions that are automatic on all the traffic flows that enter the network. The actions include the following:
* Automatic sending of an alarm to the administrator
* The packets that are malicious are dropped
* The traffic from the source address is blocked
* The connection is reset
The IPS has several methods of detecting exploits, but the main ones are the anomaly-based and the statistical one. The signature-based mode of detection relies on the dictionary that contains the patterns that are uniquely identified. The moment an exploit is identified, its unique signature is recorded and kept in a dictionary containing signatures that are ever growing.
Both systems have the following limitations:
* Noise can affect the effectiveness of the IDS.Sometimes the packets that are bad that are generated by the bugs from the software can make the data to be corrupted, and the false alarm can be created by packets that escaped.
* In some cases, the number of real attacks is more than the number of the false alarms created. This makes the real attacks to be either missed or ignored.
* If the signature that is used in the IDS is outdated, it will be left vulnerable to the attacks.
The Difference between IDS and IPS
There are so many challenges while trying to maintain the security of network that is open for the customers to use. Modern cyber attackers are so sophisticated that they can hack and stop even the best security systems that are installed by computer experts. There should be no assumption that firewalls and encryption can protect computers. Those are too basic for the modern-day hacker. Those technologies cannot prevent current attacks. Though the two have the same base, they join the network at different places, their functions are different and the problems that they solve are also different. An IDS is a system that is used to monitor and detect any activities that are incorrect, inappropriate and anomalous in the network while an IPS detects any attacks before it intrudes and takes the necessary measures to prevent it. Therefore, the main difference is that the IPS takes immediate automatic steps to ensure that the attack does not go beyond the point of intrusion thus preventing it. The system does that by releasing the packets that are malicious hence prevent the network traffic that comes from the IPS that is malicious. It is an extension of IDS because it prevents attacks after detecting them. The IDs monitors the network activities that are not authorized. The IDS also uses the stateful protocol analysis whereby it does a comparison of the profiles that are predetermined of the definitions that are generally accepted to detect any deviations. For full protection, it is important is important to use both systems. This is vital so that the IPS can prevent the applications against any attacks as use the IDS to fight ant-malware that may have intruded the network.
How to secure your personal Mobile Device
Tablets, smartphones and other mobile devices have become integral in the lives of people. This is because there are certain activities that cannot be performed without them, therefore; life will be incomplete without them. Though these devices are important, when one sends an email, a text message, banking, shopping and other mobile transactions, the users are exposed to hackers who can easily access their personal information including their bank accounts. It is vital to take precautions to secure the applications and other devices that have important information.This is important so that the privates and sensitive information is not left vulnerable. In recent years, this kind of vulnerability has increased threefold. The following are some of the steps that need to be taken so that the mobile devices are protected against the hackers:
* Ensure that your mobile device is physically protected by choosing a password that is not simple for somebody to guess. Avoid the use of common words as passwords. Equally, do not use your birthday as a password or your family members name or even a pet. It is very easy for somebody to guess such names and digits, therefore, becoming vulnerable. At the same, time one should make sure that he/she does not share the password with anybody.
* Set your device on the auto-lock features. One needs to set the length of time after stopping its use that it can lock itself. Five minutes is a good period.
* Avoid sharing your device with other people more especially the ones that you do not trust. If it is necessary to share the device, it will be important to open more than one account and have different passwords. This will ensure the safety of your information as well as the privacy of the information that the gadget contains.However, it is important that devices like mobile phones are not shared.
* In case the mobile device is lost, it is important to report immediately to the police and the service providers. It is also advisable to change the password immediately the device is lost, stolen or misplaced.
* It is important to sync data on the phone to either a laptop or a desktop. In case the phone is lost or damaged, it will be easier to trace the information because of that backup system. Some systems like the Apple iCloud give automatic data encryption and backup.
* It is important that all the mobile ...
Tutor
Course
Date
Intrusion Detection System
An (IDS) is an application that uses software that is used to monitor a network so that it can detect any activity that is malicious. If a malicious activity or any form of violation is detected, the information is immediately relayed to an administrator, or it is centrally collected. The collection is done using a system called security management and information (SIEM).The SIEM system makes use of a combination of outs that come from several sources and using the techniques called alarm system to differentiate an activity that is malicious and the alarms that are false. The IDS are of different spectrum that ranges from the software for the antivirus to the systems that monitor the traffic of the whole backbone network. The two most common categories of the IDS are the network intrusion system and the intrusion system that is host-based. (Abdullah 60).
Any system that monitors the necessary files for operating systems is an example of HIDS and the System That Does the Analysis of the network traffic that is incoming is an example of NIDS.Another form of classifying IDS is through the use of the method of detection. Under this category, there are the detectors that use the signature to do the detection. They can detect and recognize the bad patterns such as the malware. The other group is the one that detects anomalies (anomaly-based detection).They can detect any deviations from the normal traffic model. They rely on the machine learning. A few NIDS can respond immediately to the intrusions that have been detected. The systems that have the ability to respond are referred to as the intrusion prevention systems (Abdullah 62).
NIDS are placed at points that are strategic so that they can monitor the to and fro traffic flow of all the devices that are within the network. It analyses the who traffic that passes through the whole subnet. It then tries to match the traffic that is moving to the subnets to the library comprising of the known attacks. The moment a behavior that is abnormal or an attack is identified, the alert will automatically be sent to the administrator. The most commonly used tools for the simulation of the NIDS are the OPNET and Netsim.The have the ability to compare signatures packets so that it create a link and then drop the harmful packets that have been detected if they have a signature that matches the library records in the NIDS.If the NIDS are classified according to the interactivity of the system, there are 2 types namely: The online which deals with the network immediately an abnormality is detected. It analyses the Ethernet packets and using the program rules that are set; it is able to decipher whether it is an attack or not. The offline DIDS deals with the data that is stored and takes it through certain processes to make a decision whether it is an attack or not.
The Intrusion Prevention System (IPS)
This is a technology that is used to prevent to prevent any threats to the network. It examines how the network flows and with the aim of detecting and preventing any vulnerabilities. The vulnerability in exploits comes through the introduction of a malicious input to the application that is targeted. It prevents the inputs that are malicious which are used by hackers with the aim of gaining control of a machine. The hacker is able to render the application useless because it cannot be used if he/she manages to penetrate the system that is the target successfully. This will result in the machine or application losing its service. Sometimes, the attacker can access all the information that the application that the targeted has been compromised has. The HIDS operate on individual devices on the network. This only does the monitoring of outbound and outbound packets from only the device. It will make the user aware if anything that is suspicious is detected. If for instance, the vital files were either deleted or modified, the administrator will be alerted to do an investigation. HIDS are commonly seen on the machines that are mission critical whose configurations are not expected to be changed. The IDS can also be made to be system specific if the custom tools are used. ( Harold and Micki 993).
The IPS is placed just directly behind the fireball so that it can provide a layer of analysis that is complementary against any dangerous content. The IPS is inline and active whereby it is in the direct communication between the destination and source. It is always actively doing an analysis as it takes actions that are automatic on all the traffic flows that enter the network. The actions include the following:
* Automatic sending of an alarm to the administrator
* The packets that are malicious are dropped
* The traffic from the source address is blocked
* The connection is reset
The IPS has several methods of detecting exploits, but the main ones are the anomaly-based and the statistical one. The signature-based mode of detection relies on the dictionary that contains the patterns that are uniquely identified. The moment an exploit is identified, its unique signature is recorded and kept in a dictionary containing signatures that are ever growing.
Both systems have the following limitations:
* Noise can affect the effectiveness of the IDS.Sometimes the packets that are bad that are generated by the bugs from the software can make the data to be corrupted, and the false alarm can be created by packets that escaped.
* In some cases, the number of real attacks is more than the number of the false alarms created. This makes the real attacks to be either missed or ignored.
* If the signature that is used in the IDS is outdated, it will be left vulnerable to the attacks.
The Difference between IDS and IPS
There are so many challenges while trying to maintain the security of network that is open for the customers to use. Modern cyber attackers are so sophisticated that they can hack and stop even the best security systems that are installed by computer experts. There should be no assumption that firewalls and encryption can protect computers. Those are too basic for the modern-day hacker. Those technologies cannot prevent current attacks. Though the two have the same base, they join the network at different places, their functions are different and the problems that they solve are also different. An IDS is a system that is used to monitor and detect any activities that are incorrect, inappropriate and anomalous in the network while an IPS detects any attacks before it intrudes and takes the necessary measures to prevent it. Therefore, the main difference is that the IPS takes immediate automatic steps to ensure that the attack does not go beyond the point of intrusion thus preventing it. The system does that by releasing the packets that are malicious hence prevent the network traffic that comes from the IPS that is malicious. It is an extension of IDS because it prevents attacks after detecting them. The IDs monitors the network activities that are not authorized. The IDS also uses the stateful protocol analysis whereby it does a comparison of the profiles that are predetermined of the definitions that are generally accepted to detect any deviations. For full protection, it is important is important to use both systems. This is vital so that the IPS can prevent the applications against any attacks as use the IDS to fight ant-malware that may have intruded the network.
How to secure your personal Mobile Device
Tablets, smartphones and other mobile devices have become integral in the lives of people. This is because there are certain activities that cannot be performed without them, therefore; life will be incomplete without them. Though these devices are important, when one sends an email, a text message, banking, shopping and other mobile transactions, the users are exposed to hackers who can easily access their personal information including their bank accounts. It is vital to take precautions to secure the applications and other devices that have important information.This is important so that the privates and sensitive information is not left vulnerable. In recent years, this kind of vulnerability has increased threefold. The following are some of the steps that need to be taken so that the mobile devices are protected against the hackers:
* Ensure that your mobile device is physically protected by choosing a password that is not simple for somebody to guess. Avoid the use of common words as passwords. Equally, do not use your birthday as a password or your family members name or even a pet. It is very easy for somebody to guess such names and digits, therefore, becoming vulnerable. At the same, time one should make sure that he/she does not share the password with anybody.
* Set your device on the auto-lock features. One needs to set the length of time after stopping its use that it can lock itself. Five minutes is a good period.
* Avoid sharing your device with other people more especially the ones that you do not trust. If it is necessary to share the device, it will be important to open more than one account and have different passwords. This will ensure the safety of your information as well as the privacy of the information that the gadget contains.However, it is important that devices like mobile phones are not shared.
* In case the mobile device is lost, it is important to report immediately to the police and the service providers. It is also advisable to change the password immediately the device is lost, stolen or misplaced.
* It is important to sync data on the phone to either a laptop or a desktop. In case the phone is lost or damaged, it will be easier to trace the information because of that backup system. Some systems like the Apple iCloud give automatic data encryption and backup.
* It is important that all the mobile ...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Other Topics:
- St. Thomas Aquinas and Augustine Research AssignmentDescription: For both Augustine and Aquinas, God is the "original" or "exemplar" of which all created things are images or likenesses...6 pages/≈1650 words| 2 Sources | MLA | Literature & Language | Essay |
- Describes The Political System Of Texas And The National GovernmentDescription: The political system of Texas is currently divided into four branches namely the executive, the judiciary, the local government and the legislative branch...2 pages/≈550 words| No Sources | MLA | Literature & Language | Essay |
- Qing Regime Period Research AssignmentDescription: Is proposition that is put forward for consideration, especially one to be discussed and proved or to be maintained as against objections...5 pages/≈1375 words| 5 Sources | MLA | Literature & Language | Essay |