INFORMATION CHANGE THE WORLD

International Journal of Computer Network and Information Security(IJCNIS)

ISSN: 2074-9090 (Print), ISSN: 2074-9104 (Online)

Published By: MECS Press

IJCNIS Vol.6, No.8, Jul. 2014

Analysis of Host-Based and Network-Based Intrusion Detection System

Full Text (PDF, 742KB), PP.41-47


Views:118   Downloads:10

Author(s)

Amrit Pal Singh, Manik Deep Singh

Index Terms

IDS;NIDS;HIDS;OSSEC;SNORT;Se-curity

Abstract

Intrusion-detection systems (IDS) aim at de-tecting attacks against computer systems and networks or, in general, against information systems. Its basic aim is to protect the system against malwares and unauthorized access of a network or a system. Intrusion Detection is of two types Network-IDS and Host Based- IDS. This paper covers the scope of both the types and their result analysis along with their comparison as stated. OSSEC (HIDS) is a free, open source host-base intrusion detection system. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response. While Snort (NIDS) is a lightweight intrusion detection system that can log packets coming across your network and can alert the user regarding any attack. Both are efficient in their own distinct fields.

Cite This Paper

Amrit Pal Singh, Manik Deep Singh,"Analysis of Host-Based and Network-Based Intrusion Detection System", IJCNIS, vol.6, no.8, pp.41-47, 2014. DOI: 10.5815/ijcnis.2014.08.06

Reference

[1]Pieter de Boer, Martin Pels, "Host-based Intrusion Detec-tion Systems", Revision 1.10 – 2005, p: 5-7.

[2]Corry Janssen, "Network-Based Intrusion Detection Sys-tem (NIDS)" , 12941- techopedia, p: 1.

[3]V. Jaiganesh, S. Mangayarkarasi, Dr. P. Sumathi, Intrusion Detection Systems: A Survey and Analysis of Classification Techniques", International Journal of Advanced Research in Computer and Communication Engineering Vol. 2, Issue 4, April 2013, p: 2.

[4]Bilal Maqbool Beigh, Prof. M.A. Peer, " IntrusionDetec-tion and Prevention System: Classification and Quick Re-view", ARPN Journal of Science and Technology 2012, p: 5.

[5]James Cannady, Jay Harrell, "A Comparative Analysis of Current Intrusion Detection Techn-ologies", p: 6.

[6]Anton Chuvakin, Vladislav V. Myasnyankin, “Complete Snort-based IDS Architec-ture", Part One, 2002, p:3-5

[7]Joseph Dries, An Introduction to snort: A Light-weight Intrusion Detection System, 2001, p:8

[8]Ossec Manual (OSSEC official website), syscheck, p: 2.

[9]Ossec Manual (OSSEC official website), Database-Output, p: 1.

[10]Ossec Manual (OSSEC official website), Pre-lude Output, p: 1.

[11]Kang Hong, Zhang Jiangang, “An Improved Snort Intru-sion Detection System Based on Self-Similar Traffic mode”, Computer Network and Multimedia Technology, 2009. CNMT 2009. International Symposium on, 18-20 Jan. 2009, doi: 10.1109, p: 1 – 4.

[12]Zhimin Zhou, Chen Zhongwen, Zhou Tiecheng, Guan Xiaohui, “ The Study On Network Intrusion Detection Sys-tem of Snort”, Networking and Digital Society (ICNDS), 2010 2nd International Conference on (Volume:2), 30-31, May 2010, doi: 10.1109, p: 194-196.

[13]Chris Murphy, David Shinberg, “An Analysis of the snort Data Acquisition Modules”, SANS Institute InfoSec Read-ing Room 34027, 2012, p: 15.

[14]Ricky M.Magalhaes, “ Host-Based IDS vs Network-Based IDS (Part1)”, 2003, p: 2.

[15]Bhavani Sunke, thesis: “Research and Analysis of Network Intrusion Detection System”, 2008, p: 25-26.