
Intrusion Detection and Prevention System (IDPS) Technology- Network Behavior Analysis System (NBAS)

Author Affiliations

  • 1Singhania University, Jhunjhunu, Rajasthan, INDIA
  • 2Singhania University, Jhunjhunu, Rajasthan, INDIA
  • 3Singhania University, Jhunjhunu, Rajasthan, INDIA

Res. J. Engineering Sci., Volume 1, Issue (1), Pages 51-56, July 26 (2012)

Abstract

Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies, acceptable use policies, or standard security practices. Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators. In addition, organizations use IDPSs for other purposes, such as identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies. IDPSs have become a necessary addition to the security infrastructure of nearly every organization. In this paper we discuss one IDPS technology, the network behavior analysis system. A network behavior analysis system (NBAS) is an IDPS technology that examines network traffic to identify threats that generate unusual traffic flows, such as distributed denial of service (DDoS) attacks, certain forms of malware, and policy violations. The paper provides a detailed discussion of NBA technologies. First, it covers the major components of the NBA technologies and explains the architectures typically used for deploying the components. It also examines the security capabilities of the technologies in depth, including the methodologies they use to identify suspicious activity. The rest of the paper discusses the management capabilities of the technologies, including recommendations for implementation and operation.
