Host-based intrusion detection systems can be used to determine whether a system has been compromised and to warn administrators when that happens. This paper recognizes four different methods of host-based intrusion detection: filesystem monitoring, logfile analysis, connection analysis and kernel-based intrusion detection. Implementations of intrusion detection systems generally use one of these four methods to detect intrusions. The paper studies multiple implementations and determines their features, ways of evading their restrictions and ways to prevent evasion. It also gives insight into the reasons why certain systems should or should not be used, and to what extent, based on their effectiveness and ease of configuration and maintenance.

