IJCNIS Vol. 6, No. 8, 8 Jul. 2014
Cover page and Table of Contents: PDF (size: 743KB)
Full Text (PDF, 743KB), PP.41-47
Views: 0 Downloads: 0
IDS, NIDS, HIDS, OSSEC, SNORT, Se-curity
Intrusion-detection systems (IDS) aim at de-tecting attacks against computer systems and networks or, in general, against information systems. Its basic aim is to protect the system against malwares and unauthorized access of a network or a system. Intrusion Detection is of two types Network-IDS and Host Based- IDS. This paper covers the scope of both the types and their result analysis along with their comparison as stated. OSSEC (HIDS) is a free, open source host-base intrusion detection system. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response. While Snort (NIDS) is a lightweight intrusion detection system that can log packets coming across your network and can alert the user regarding any attack. Both are efficient in their own distinct fields.
Amrit Pal Singh, Manik Deep Singh, "Analysis of Host-Based and Network-Based Intrusion Detection System", International Journal of Computer Network and Information Security(IJCNIS), vol.6, no.8, pp.41-47, 2014. DOI:10.5815/ijcnis.2014.08.06
[1]Pieter de Boer, Martin Pels, "Host-based Intrusion Detec-tion Systems", Revision 1.10 – 2005, p: 5-7.
[2]Corry Janssen, "Network-Based Intrusion Detection Sys-tem (NIDS)" , 12941- techopedia, p: 1.
[3]V. Jaiganesh, S. Mangayarkarasi, Dr. P. Sumathi, Intrusion Detection Systems: A Survey and Analysis of Classification Techniques", International Journal of Advanced Research in Computer and Communication Engineering Vol. 2, Issue 4, April 2013, p: 2.
[4]Bilal Maqbool Beigh, Prof. M.A. Peer, " IntrusionDetec-tion and Prevention System: Classification and Quick Re-view", ARPN Journal of Science and Technology 2012, p: 5.
[5]James Cannady, Jay Harrell, "A Comparative Analysis of Current Intrusion Detection Techn-ologies", p: 6.
[6]Anton Chuvakin, Vladislav V. Myasnyankin, “Complete Snort-based IDS Architec-ture", Part One, 2002, p:3-5
[7]Joseph Dries, An Introduction to snort: A Light-weight Intrusion Detection System, 2001, p:8
[8]Ossec Manual (OSSEC official website), syscheck, p: 2.
[9]Ossec Manual (OSSEC official website), Database-Output, p: 1.
[10]Ossec Manual (OSSEC official website), Pre-lude Output, p: 1.
[11]Kang Hong, Zhang Jiangang, “An Improved Snort Intru-sion Detection System Based on Self-Similar Traffic mode”, Computer Network and Multimedia Technology, 2009. CNMT 2009. International Symposium on, 18-20 Jan. 2009, doi: 10.1109, p: 1 – 4.
[12]Zhimin Zhou, Chen Zhongwen, Zhou Tiecheng, Guan Xiaohui, “ The Study On Network Intrusion Detection Sys-tem of Snort”, Networking and Digital Society (ICNDS), 2010 2nd International Conference on (Volume:2), 30-31, May 2010, doi: 10.1109, p: 194-196.
[13]Chris Murphy, David Shinberg, “An Analysis of the snort Data Acquisition Modules”, SANS Institute InfoSec Read-ing Room 34027, 2012, p: 15.
[14]Ricky M.Magalhaes, “ Host-Based IDS vs Network-Based IDS (Part1)”, 2003, p: 2.
[15]Bhavani Sunke, thesis: “Research and Analysis of Network Intrusion Detection System”, 2008, p: 25-26.