Register Account

Free Academic Seminars And Projects Reports General Talks General Discussion Projects and Seminars intrusion detection system project in java report with source code

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options  
intrusion detection system project in java report with source code
karan_vikesh Offline
Member
***
Posts: 50
Threads: 30
Joined: Jul 2009
Reputation: 0
#1
10-04-2017, 09:14 PM

The Evolution of Intrusion Detection Systems
by Paul Innella, Tetrad Digital Integrity, LLC
last updated November 16, 2001
Introduction

I am currently working with a client who asked me to choose an intrusion detection system (IDS) to deploy in their environment. I have been working with intrusion detection since it was virtually unknown, so it would seem the decision would be quite simple. On the contrary, with all of the different components and vendors to choose from, IDS offerings have become pretty complex. That led me to wonder how IDS technology has progressed to its current state. So, I invested some time trying to figure it out. Now that I have, let me tell you, it is enough to induce a headache. Nonetheless, I wrote this article to share my findings with you. If you are ready for a discussion about the evolution of IDS, then read on; however, be forewarned, the history of intrusion detection is as confusing as Greenspan's economic strategies.

IDS Components

Before we get started, let me provide a layman's description of the primary IDS components:

Network Intrusion Detection (NID)

Network intrusion detection deals with information passing on the wire between hosts. Typically referred to as "packet-sniffers," network intrusion detection devices intercept packets traveling along various communication mediums and protocols, usually TCP/IP. Once captured, the packets are analyzed in a number of different ways. Some NID devices will simply compare the packet to a signature database consisting of known attacks and malicious packet "fingerprints", while others will look for anomalous packet activity that might indicate malicious behavior. In either case, network intrusion detection should be regarded primarily as a perimeter defense.

NID has historically been incapable of operating in the following environments:

Switched networks
Encrypted networks
High-speed networks (anything over 100 Mbps)
Recently, however, Cisco released a module for their Catalyst 6000 switch that incorporates network intrusion detection directly in the switch, overcoming the first of these flaws. Additionally, ISS/Network ICE indicated that they are now capable of "packet-sniffing" at gigabit speeds.
Find
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

Powered By MyBB, © 2002-2024 iAndrew & Melroy van den Berg.