1.

Explain Signature Based Nids?

Answer»

Signature based NIDS : Signature-based IDS refers to the detection of ATTACKS by looking for specific patterns, such as byte sequences in network traffic, or KNOWN malicious instruction sequences USED by malware. This TERMINOLOGY ORIGINATES from anti-virus software, which refers to these detected patterns as signatures.
Problems:

  • “Zero-day” attacks.
  • Polymorphic attacks.
  • Botnets – Inexpensive re-usable IP addresses for attackers.

Signature based NIDS : Signature-based IDS refers to the detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware. This terminology originates from anti-virus software, which refers to these detected patterns as signatures.
Problems:


Discussion

No Comment Found

Related InterviewSolutions