Explain the different types of implementing Network Intrusion Detection System in cloud.

-

Intrusion Detection System (IDS) 

An Intrusion Detection System (IDS) is a network security technology originally built for detecting vulnerability exploits against a target application or computer. Intrusion Prevention Systems (IPS)extended IDS solutions by adding the ability to block threats in addition to detecting them and has become the dominant deployment option for IDS/IPS technologies. This article will elaborate on the configuration and functions that define the IDS deployment.


Active and passive IDS

An active Intrusion Detection System (IDS) is also known as Intrusion Detection and Prevention System (IDPS). The intrusion Detection and Prevention System (IDPS) is configured to automatically block suspected attacks without any intervention required by an operator. Intrusion Detection and Prevention System (IDPS) has the advantage of providing real-time corrective action in response to an attack.


Network Intrusion detection systems (NIDS) and Host Intrusion detection systems (HIDS)

Network Intrusion Detection Systems (NIDS) usually consist of a network appliance (or sensor) with a Network Interface Card (NIC) operating in promiscuous mode and a separate management interface. The IDS is placed along a network segment or boundary and monitors all traffic on that segment. A Host Intrusion Detection System (HIDS) and software applications (agents) installed on workstations are to be monitored. The agents monitor the operating system and write data to log files and/or trigger alarms. A host Intrusion detection system (HIDS) can only monitor the individual workstations on which the agents are installed and it cannot monitor the entire network.


Knowledge-based (Signature-based) IDS and behavior-based (Anomaly-based) IDS

A knowledge-based (Signature-based) Intrusion Detection System (IDS) references a database of previous attack signatures and known system vulnerabilities. The meaning of the word signature, when we talk about Intrusion Detection Systems (IDS) is recorded evidence of an intrusion or attack. Each intrusion leaves a footprint behind (e.g., nature of data packets, failed attempt to run an application, failed logins, file and folder access, etc.). These footprints are called signatures and can be used to identify and prevent the same attacks in the future. Based on these signatures Knowledge-based (Signature-based) IDS identifies intrusion attempts.

Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more

Explain market-Oriented Cloud computing architecture.

-
Image
  Market Oriented Cloud Computing (Mocc) As customers rely on Cloud providers to cover all of their computing needs, they will expect certain Qe from their providers to fulfill their objectives and continue their operations. Cloud providers must examine and satisfy the various QoS standards of each unique consumer as stipulated in unique SLAs. To do this, cloud providers cannot continue to install traditional system-centric resource management architectures that do not give incentives for them to share their resources while still treating all service requests as equal insignificance. Instead, market-oriented resource management is required to maintain the supply and demand for Cloud resources at market equilibrium, provide feedback in the form of economic incentives for both Cloud consumers and providers, and promote QoS-based resource allocation mechanisms that differentiate service requests based on their utility. The diagram depicts a high-level architecture for enabling market-orie
Read more

Describe how cloud computing technology can be applied to support remote ECG monitoring.

-
Image
  Healthcare: ECG (Electrocardiogram) Analysis in cloud computing Healthcare is a field, subject, sector, or territory in which information technology has several uses. These apps are being used to aid businesses in supporting scientists in developing disease prevention solutions. Cloud computing has emerged as an appealing alternative for constructing health monitoring systems as a result of the development of the Internet or to put it another way, as a result of the availability of the internet. The ECG machine, for example, is a health monitoring device that measures the human body's heartbeat and prints the results on graph paper. The electrocardiogram (ECG) measures the electrical activity of the heart's Cardium. A waveform is created as a result of this action, which is repeated throughout time and symbolizes the heartbeat.  The analysis of the shape is used to identify arrhythmias, and it is the most common way of detecting heart diseases. Here the meaning of arrhythmias
Read more