Comparison of the Host Based Intrusion Detection Systems and Network Based Intrusion Detection Systems

Efe, Ahmet; ABACI, İrem Nur

doi:10.18466/cbayarfbe.832533

Cited by 5 publications

(3 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Стаття [6] має на меті визначити відмінності між системами виявлення вторгнень на основі хоста (HIDS) і мережевими системами виявлення вторгнень (NIDS) і порівняти інструменти, які використовують HIDS і NIDS. Стверджується, що для кращої гарантії APTатак має бути гібридний підхід IDS, який охоплює як мережі, так і хости, використовуючи як сигнатурні, так і поведінкові механізми виявлення на основі алгоритмів глибокого навчання.…”

Section: аналіз публікаційunclassified

Building an effective network security system of the enterprise based on the method of analyzing hierarchies of quality indicators

Savchenko

2024

MIS

View full text Add to dashboard Cite

The article is devoted to the analysis of the optimal choice of network security systems for enterprises based on the method of pairwise comparison of criteria. The reaction speed, level of protection, integration and reliability of the systems were studied. Considered general requirements for quality and cost. The conclusion is made about the need for a comprehensive approach to system selection and careful consideration of all aspects to ensure effective information protection. The article analyzes the importance of a balanced approach between efficiency and cost when choosing a network security system. The importance of integration with existing systems and taking into account requirements for compliance with security standards is emphasized. The results of the study indicate the need for careful analysis before deciding on the choice of a network security system for the enterprise. Additionally, the article examines the influence of each of the considered criteria on the overall level of enterprise network security and the reliability of information protection. The proposed recommendations on the optimal choice of network security systems can be useful for enterprise management and information security specialists, contributing to the improvement of the overall level of cyber protection. In conclusion, the article offers a comprehensive approach to the selection of network security systems based on an objective comparison of various criteria. Taking into account the speed of response, the level of protection, integration and cost helps enterprises to ensure effective and economical protection of their information resources. The study can be useful both for management deciding on investment in security, and for information security specialists looking for optimal solutions for the specific needs of the enterprise.

show abstract

Section: аналіз публікаційunclassified

Building an effective network security system of the enterprise based on the method of analyzing hierarchies of quality indicators

Savchenko

2024

MIS

View full text Add to dashboard Cite

show abstract

“…On the other hand, if the system will give an allert, there is high probability of its accurance. Therefore it limits False Positive alerting, opposite to Anomaly-based detection systems [8].…”

Section: B Signature-based Detection (Sids)mentioning

confidence: 99%

Intrusion Detection Systems: Categories, attack detection and response.

Lewandowska

2024

Preprint

View full text Add to dashboard Cite

This report covers the analysis of Intrusion Detection Systems nowadays. Therefore, it focuses on the IDS classification, which includes not only a well-known explanation of Network/Host-Based IDS type but also cloud-based solutions. The paper explores ways of intrusion detection, providing examples of the best detecting tools (OSSEC, Snort or Bro (ZEEK)). Another aspect covered in this report is the juxtaposition of three systems: IDS, IPS and IRS and their response. Finally, there will be presented Intrusion Detection Systems' evasion techniques and challenges, followed by critical conclusions.

show abstract

“…An intrusion-detection system (IDS) is a device or software that monitors a network or system for malicious activity or violations of established policies [1]. IDSs can be divided into two major types [1]: network-based intrusion-detection systems (NIDSs) [2] and host-based intrusion-detection systems (HIDSs) that detect malware or host-level attacks on a server or local computer and are able to perform additional system-level checks such as data integrity, registry monitoring, log analysis, rootkit detection and system-call analysis [2] and complement network-based intrusion-detection systems by focusing on internal threats and unauthorized activities [3]. HIDSs can detect various types of attacks, including malware infections, unauthorized access attempts, privilege escalation, and suspicious system modifications [4].…”

Section: Introductionmentioning

confidence: 99%

Risk-Based System-Call Sequence Grouping Method for Malware Intrusion Detection

Vyšniūnas,

Čeponis,

Goranin

et al. 2024

Electronics

View full text Add to dashboard Cite

Malware intrusion is a serious threat to cybersecurity; that is why new and innovative methods are constantly being developed to detect and prevent it. This research focuses on malware intrusion detection through the usage of system calls and machine learning. An effective and clearly described system-call grouping method could increase the various metrics of machine learning methods, thereby improving the malware detection rate in host-based intrusion-detection systems. In this article, a risk-based system-call sequence grouping method is proposed that assigns riskiness values from low to high based on function risk value. The application of the newly proposed grouping method improved classification accuracy by 23.4% and 7.6% with the SVM and DT methods, respectively, compared to previous results obtained on the same methods and data. The results suggest the use of lightweight machine learning methods for malware attack can ensure detection accuracy comparable to deep learning methods.

show abstract

Comparison of the Host Based Intrusion Detection Systems and Network Based Intrusion Detection Systems

Cited by 5 publications

References 12 publications

Building an effective network security system of the enterprise based on the method of analyzing hierarchies of quality indicators

Building an effective network security system of the enterprise based on the method of analyzing hierarchies of quality indicators

Intrusion Detection Systems: Categories, attack detection and response.

Risk-Based System-Call Sequence Grouping Method for Malware Intrusion Detection

Contact Info

Product

Resources

About