Network intrusion detection systems (NIDS) continuously monitor network traffic for malicious activity, raising alerts when detecting attacks. However, high-performance Gbps networks pose major challenges for these systems, and despite vendor promises they often fail to work reliably in such environments. In this work, we set out to understand the trade-offs involved in network intrusion detection, and we mitigate their impact on operational security monitoring. We base our study on extensive experience with several large-scale network environments where immense traffic diversity requires any NIDS to deal robustly with unexpected situations. We devise new mechanisms for a popular open-source NIDS that allow the operator to trade off the quality of the detection with the system's resource demands, and we enable the NIDS to transparently share its state across instances, thereby multiplying the available amount of resources. We also improve the precision of the NIDS's detection by enabling it to incorporate different kinds of network context into its analysis.