NIDES is an advanced intrusion detection system with components like Persistent Storage, Agen, ArPool, Statistical Analysis Component, Rule Based Analysis Component, Resolver, Archiver, and User Interface. It maintains user statistical profiles and detects anomalies, known intrusion types, and violators of security policies. The NIDES process graph includes data flow and analysis stages.
Next Generation Intrusion Detection Expert System (NIDES)
Components of NIDES
• Persistent Storage
• Agen
• ArPool
• Statistical Analysis Component
• Rule Based Analysis Component
• Resolver
• Archiver
• Batch Analysis
• User Interface
Persistent Storage
It contains:
• Audit Record Archive
• Result Archive
• User Statistical Profile
• Analysis Configuration
Statistical Analysis Component
• Maintains a historical statistical profile for each user
• Profiles are updated regularly
• Detects anomalies
Rule Based Analysis Component
• Detects known intrusion types
• Detects intruders who are in violation of site security policy
NIDES Process Graph (data flow, the same chain for each of Target Host 1 ... Target Host N):
• Target auditing system → native format audit data → agen
• agen → NIDES format audit data → Arpool
• Arpool → NIDES format audit data → Statistical Analysis and Rule based Analysis
• Statistical Analysis → Statistical Analysis Results → Resolver
• Rule based Analysis → Rule based Analysis Results → Resolver
• Resolver → Resolved Analysis Results → User Interface
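The process graph above, traced end to end in a small Python sketch. This is an added example, not NIDES code: the two native record formats, the CPU-time measure, the z-score test (a simplified stand-in for the statistical component's method), the "su" policy rule and the resolver's merge-per-record behaviour are all assumptions made for illustration.

```python
import math
from collections import defaultdict, deque

ADMINS = {"root"}  # assumed site policy: only these users may run "su"

def agen(host, native):
    """Convert a native audit record to one common format (both native formats are assumed)."""
    if isinstance(native, str):                      # host style 1: "user|cmd|cpu"
        user, cmd, cpu = native.split("|")
    else:                                            # host style 2: dict record
        user, cmd, cpu = native["uid"], native["exe"], native["cpu_s"]
    return {"host": host, "user": user, "cmd": cmd, "cpu": float(cpu)}

class StatisticalAnalysis:
    """Per-user running mean/variance of CPU time (Welford), updated on every record."""
    def __init__(self, threshold=3.0, min_obs=5):
        self.profiles = defaultdict(lambda: [0, 0.0, 0.0])   # user -> [n, mean, M2]
        self.threshold, self.min_obs = threshold, min_obs

    def analyze(self, rec):
        p, x = self.profiles[rec["user"]], rec["cpu"]
        n, mean, m2 = p
        anomalous = False
        if n >= self.min_obs:                        # only judge against a trained profile
            std = math.sqrt(m2 / (n - 1)) or 1e-9    # avoid division by zero
            anomalous = abs(x - mean) / std > self.threshold
        n += 1
        delta = x - mean
        mean += delta / n
        p[:] = [n, mean, m2 + delta * (x - mean)]    # profile update
        return "statistical" if anomalous else None

def rule_based(rec):
    """Flag a violation of the assumed site policy."""
    return "rule" if rec["cmd"] == "su" and rec["user"] not in ADMINS else None

def run(native_stream):
    arpool = deque(agen(h, r) for h, r in native_stream)     # pool of common-format records
    stat, resolved = StatisticalAnalysis(), []
    while arpool:
        rec = arpool.popleft()
        findings = [f for f in (stat.analyze(rec), rule_based(rec)) if f]
        if findings:                                 # resolver: one alert per record
            resolved.append({"user": rec["user"], "host": rec["host"], "sources": findings})
    return resolved

# Constructed sample input: six ordinary records, then one that trips both analyses.
SAMPLE = [("host1", f"alice|ls|{c}") for c in (1.0, 1.2, 0.9, 1.1, 1.0, 1.1)]
SAMPLE += [("host1", "alice|su|9.0"), ("hostN", {"uid": "bob", "exe": "su", "cpu_s": 1.0})]

if __name__ == "__main__":
    for alert in run(SAMPLE):
        print(alert)
```

Alice's last record is reported once with both sources, while Bob's is caught by the rule alone because his profile has too few observations to judge against.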