Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Explain advantages and disadvantages of different types of IDS.

Advantages of HIDS :

Advantages:

  1. Analyzes Encrypted Data: Can analyze encrypted data and communications activity.
  2. Attack Indication: Informs if an attack is successful or not.
  3. Easy Deployment: Easy to deploy as it doesn’t require additional hardware.
  4. No Impact on Architecture: Does not affect the current system architecture.

Disadvantages:

  1. Dependency on OS: Breaks down if the operating system is compromised by an attack.
  2. Limited Detection: Unable to detect network scans or Denial of Service (DOS) attacks.
  3. Resource Intensive: Tends to be resource-intensive.

Network-based Intrusion Detection System (NIDS):

Advantages:

  1. Operating Environment Independence: Doesn’t affect the performance of individual hosts.

Disadvantages:

  1. No Success Indication: Does not indicate whether the attack was successful or not.
  2. Limited Visibility: Has limited visibility inside the host machine.
  3. Cannot Analyze Encryption: Unable to analyze encrypted traffic.

Virtual Machine-based Intrusion Detection System (VMIDS):

Advantages:

  1. Flexibility: More flexible in its approach.
  2. Efficiency: More efficient in detection.
  3. Combined Strengths: Takes advantage of the strengths of different types.

Disadvantages:

  1. High Overhead: Can impose a high overhead load on the monitored system depending on the combined methodologies.
  2. Processor Utilization: The processor utilization of the hybrid agent can be significant.

Protocol-based Intrusion Detection System (PIDS):

Advantages:

  1. Accuracy: More accurate in its detection.
  2. Wireless Protocol Management: Can manage wireless protocol activity.

Disadvantages:

  1. Limited Resources: Sensors have limited computational resources and energy.

Leave a Comment