Tuesday, February 18, 2020

Network Intrusion Detection and Forensics Dissertation

The paper states that computers have come to assume a role in all aspects of our lives, and the lack of reliable networks in modern computing environments is plainly inconceivable. The supremacy of information technology in running many modern systems hinges on the continued reliability of computer networks. Without stable computer network systems, many simple computing activities we have come to assume as part of our daily routines (sending emails, browsing the web, making business communications, and maintaining social contacts) would be in severe jeopardy. Malicious use of computer networks would completely compromise our computing experience and the utilization of these indispensable network tools.

Network Intrusion Detection Systems (NIDS) are partly the reason behind the continued security of computer systems around the world. NIDS detect illicit use of computer networks, alert network administrators, create reports in the system through their logging abilities, and try to prevent harm to the network by malevolent network users. However, many users of computer networks lack access to the decent NIDS that are available commercially. Part of the reason why many computer users avoid the commercially available NIDS is their prohibitive cost. Another reason for the unattractiveness of several commercial network-based IDS is traceable to their complex deployment, configuration, and implementation procedures, which normally require technical assistance.

Over the past decade, open source NIDS have come to define the NIDS landscape. Currently, the leading NIDS in terms of user base is Snort, a lightweight open source NIDS. The purpose of this project is to make a comprehensive comparison of two open source NIDS, Snort and Bro.
Keywords: Snort, Bro, NIDS

Table of Contents

Abstract
Table of Contents
1. INTRODUCTION
2. BACKGROUND TO THE PROBLEM
3. OVERVIEW OF NETWORK INTRUSION DETECTION SYSTEMS
3.1 The Roles of NIDS
3.2 Difference of NIDS with Firewalls
3.3 Limitations of the Network Intrusion Detection Systems
3.4 Network Intrusion and Detection System Alert Terminologies
4. RECENT DEVELOPMENTS IN INTRUSION DETECTION SYSTEMS
5. DIFFERENT METHODS OF INTRUSION DETECTION
5.1 Statistical Anomaly-Based Intrusion System
5.2 Signature-Based Intrusion Detection
6. NETWORK INTRUSION DETECTION SYSTEMS
6.1 Snort
6.2 Bro
6.3 PHAD
6.4 NetSTAT
6.5 EMERALD
6.6 Suricata
7. TESTING AND EVALUATION METHODOLOGY
8. ANALYSIS OF SNORT AND BRO
8.3 Common Characteristics of Snort, Bro, Suricata, and NetSTAT
8.4 Differences between Snort, Bro, Suricata, and NetSTAT
8.5 Major Strengths of Snort
8.6 Major Strengths of Bro
8.7 Major Strengths of Suricata
8.8 Major Strengths of NetSTAT
8.9 Major Weaknesses of Snort
8.10 Major Weaknesses of Bro
8.11 Major Weaknesses of Suricata
8.12 Major Weaknesses of NetSTAT
9. RESULTS FOR SNORT AND BRO
9.1 Capabilities of Snort and Bro to Identify Security Threats and Network Violations
9.1.1 Bro Architecture
9.1.2 Bro Network Intrusion Detection Mechanism
9.1.3 Snort Architecture
9.1.4 Snort Network Intrusion Detection Mechanism
9.1.5 Suricata’s Network Intrusion Mechanism
9.1.6 NetSTAT Capabilities to Detect Security Threats and Network Violations
9.2 Comparison of Snort’s, Bro’s, Suricata’s and NetSTAT’s Performance
10. RECOMMENDATIONS AND CONCLUSIONS
10.1 Recommendations
10.2 Conclusions
References

1. INTRODUCTION

The essentiality of network protection is unquestionable, especially with the ever-growing relevance of computer networks in many facets of our society.
Many activities, including trade, governance, education, communication, and research, rely heavily on computer networks. The vulnerability of networks to breakdowns after attack can be expensive and disastrous.

Tuesday, February 4, 2020

MGT506 - Strategic Leadership, Mod 5 Case Assignment Essay

The implication is that a leader must always lead by example, which is expressed by doing that which is expected to be done in the correct way and time so that the rest of the population being led can follow the example and do things the way he has done them. Shamir defines a leader as a person that is considered the best in doing something or carrying out an activity, that a leader is the head of an organization or a country and is one that is considered the best in doing things that are supposed to be done by the people or group he or she is leading. He adds that the term leader refers to one who is in front of a group and is responsible for the actions of the group (Shamir, 1991). To this extent, therefore, what Shamir is trying to imply is that a leader must ensure that the people he or she is leading do the right thing at all times.

Good leaders in essence act as mirrors to those that they lead, which is a reflection of what the people should do even in the absence of the leader. He is the route map that people view to get the right direction to follow in order to make straight their progress in life, the pacesetter in everything that goes on in the community around them. A good leader, as Shamir would put it, is visionary in the sense that he or she leads the people towards the realization of their set dreams for a better future and a better life in the times to come (Shamir, 1991). A number of people in the world have satisfied this definition and proved their worth to fall in the list of the most successful and honored leaders of the world, given their excellent performance and determination in leadership positions. This paper is going to examine the qualities of a good leader and define the requirements for good leadership with reference to the example of the former South African anti-apartheid activist and president, Nelson Mandela.
Nelson Mandela As a Visionary Leader

Nelson Mandela was born on July 18th 1918 in the current republic of South Africa. He was adopted by the king of the Thembu tribe of South Africa after his father’s death just a few years after his resignation from the British employment (Mandela, 1994). While growing up among the king’s children, Nelson Mandela learned of the styles of leadership from the way the king used to handle cases brought to him from various regions within his kingdom. He also learned of the mode of relationship that the king had with the neighboring kingdoms in a bid to create peace and unity with the neighbors. In essence, the excellent style of leadership that Nelson Mandela portrayed as the first black president of the new republic of South Africa was learnt in this context, right at the king's palace in the Thembu kingdom. (Waldman, 2006)

David A. Waldman, in his journal article entitled "Cultural and leadership predictors of corporate social responsibility values of top management: a GLOBE study of 15 countries", defines leadership in the context of collective social responsibility taken at three levels. Of prime importance in this case is the dimension concerned with the community or state welfare, which he argues extends beyond just a particular stakeholder group to include the larger societal entity, which involves such values and actions as