ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WIRED AND WIRELESS ENVIRONMENT
Shalvi Dave1, Bhushan Trivedi2 and Jimit Mahadevia3
1Department of MCA, Indus University, Ahmedabad
2Director, MCA, GLSICT,Ahmedabad
3Elitecore Technologies Pvt. Ltd., Ahmedabad
ABSTRACT
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased, attackers continuously find vulnerabilities at various levels, from the network itself to operating system and applications, exploit them to crack system and services. Network defence and network monitoring has become an essential component of computer security to predict and prevent attacks. Unlike traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention System (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
Original Source URL: http://airccse.org/journal/nsa/0313nsa08.pdf
Volume Link: http://airccse.org/journal/jnsa13_current.html
http://airccse.org/journal/ijnsa.html
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WIRED AND WIRELESS ENVIRONMENT
Shalvi Dave1, Bhushan Trivedi2 and Jimit Mahadevia3
1Department of MCA, Indus University, Ahmedabad
2Director, MCA, GLSICT,Ahmedabad
3Elitecore Technologies Pvt. Ltd., Ahmedabad
ABSTRACT
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased, attackers continuously find vulnerabilities at various levels, from the network itself to operating system and applications, exploit them to crack system and services. Network defence and network monitoring has become an essential component of computer security to predict and prevent attacks. Unlike traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention System (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
Original Source URL: http://airccse.org/journal/nsa/0313nsa08.pdf
Volume Link: http://airccse.org/journal/jnsa13_current.html
No comments:
Post a Comment