What Were the Major Challenges Confronted by NIDS

 
     
  By Andy.H
 
   
     
An Intrusion Detection System (IDS) is a new generation of network security technology developed over the past decades. It detects violations of security policy and attacks by hackers by analyzing information collected from each node in the network. IDS is a comprehensive, dynamic security technology composed of detection, logging, alerting and response; it not only detects intrusions from outside but also monitors unauthorized actions from inside.



IDS technology faces two challenges:

1. How to improve detection speed to meet the requirements of network communication.

The processing speed of network devices is always a major bottleneck in network performance. Although an IDS works in by-pass mode, keeping detection synchronized with data transmission is still a problem, and the rate of missed and false alarms affects the accuracy and validity of detection. Capturing and analyzing every packet on the network generally costs a lot of time and system resources, so many current IDSs can cope with only a few tens of megabytes of traffic. As 100M and even 1000M Ethernet become more and more popular, the development of IDS technology will lag far behind the development of networks.

2. How to reduce the rate of missed and false alarms to improve accuracy.

An IDS based on pattern matching extracts the characteristics (signatures) of all known intrusion actions and saves them in its database. It then checks whether the characteristics of captured packets match the data in that database. It is therefore a major problem if the signature database cannot be updated immediately, because new attack methods and vulnerabilities are released every day. Most IDSs that check single packets cannot recognize disguised or deformed network behavior, which leads to many missed or false alarms because of shortcomings in protocol analysis.

To address these two current challenges, Ax3soft Sax2 achieves accurate and efficient detection by analyzing protocols in depth, tracking and restoring network conversations, reconstructing TCP/IP streams, sorting all cached data and labeling the training samples, and then submitting the training samples to the detection engine. In addition, Ax3soft Sax2 uses an enhanced multi-pattern matching algorithm to improve detection speed.
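The two ideas above, stream reconstruction and multi-pattern matching, can be illustrated with a short added example (not code from Ax3soft Sax2 or from the original article). It uses Aho-Corasick as the multi-pattern matcher and compares per-packet matching with matching on the reassembled stream; the signatures and the capture are constructed, and the reassembly assumes a capture without gaps or sequence-number wraparound.

```python
from collections import defaultdict, deque

# Constructed signatures and capture: one signature straddles two out-of-order segments.
SIGNATURES = [b"/etc/passwd", b"cmd.exe", b"UNION SELECT"]
SEGMENTS = [(1017, b"sswd HTTP/1.0\r\n\r\n"), (1000, b"GET /../../etc/pa")]

def build_automaton(patterns):
    """Aho-Corasick: one pass over the data matches every pattern at once."""
    goto, fail, out = [{}], defaultdict(int), defaultdict(set)
    for pat in patterns:
        state = 0
        for byte in pat:
            if byte not in goto[state]:
                goto.append({})
                goto[state][byte] = len(goto) - 1
            state = goto[state][byte]
        out[state].add(pat)
    queue = deque(goto[0].values())      # depth-1 states fall back to the root
    while queue:
        state = queue.popleft()
        for byte, nxt in goto[state].items():
            f = fail[state]
            while f and byte not in goto[f]:
                f = fail[f]
            fail[nxt] = goto[f].get(byte, 0)
            out[nxt] |= out[fail[nxt]]
            queue.append(nxt)
    return goto, fail, out

def scan(automaton, data):
    """Return the set of signatures found anywhere in data."""
    goto, fail, out = automaton
    state, hits = 0, set()
    for byte in data:
        while state and byte not in goto[state]:
            state = fail[state]
        state = goto[state].get(byte, 0)
        hits |= out[state]
    return hits

def reassemble(segments):
    """Order (seq, payload) TCP segments and trim retransmitted overlap (no gaps assumed)."""
    stream, base = b"", min(seq for seq, _ in segments)
    for seq, payload in sorted(segments):
        stream += payload[max(0, base + len(stream) - seq):]
    return stream

AUTOMATON = build_automaton(SIGNATURES)
per_packet = set().union(*(scan(AUTOMATON, p) for _, p in SEGMENTS))
print("per-packet:", per_packet, "| stream:", scan(AUTOMATON, reassemble(SEGMENTS)))
```

Matching each payload in isolation reports nothing, while the same automaton run over the reassembled stream reports the signature that was split across the segment boundary.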

 
   
  Article Source: http://interpret.zar.vg   
     
     
         
         
        © 2012 interpret.zar.vg