An NIPS is somewhat similar to a firewall, but there are some differences. A firewall faces outward and blocks all incoming traffic unless it meets the rules that allow it to pass through, while an NIPS looks at traffic that is already on the network and only blocks traffic that meets certain criteria. One of the best metaphors for explaining the differences is to compare them to different types of security guards. A firewall is like the guard at a gate to a facility. The guard checks credentials and only allows guests through if they are on the list or can prove that they have business there. An NIPS is more like the roaming security guard who walks around the building. This guard watches what the guests are doing and only kicks them out if they are doing something suspicious.

As you can see in the following screen capture, there was traffic using the BitTorrent protocol, which is used for peer-to-peer file sharing. As an administrator, you do not expect to see BitTorrent traffic on this particular virtual machine. Now that you are aware of this traffic, you can remove the peer-to-peer software that is installed on this virtual machine, or block the traffic using Network Security Groups or a firewall. Additionally, you may elect to run packet captures on a schedule, so you can review the protocol use on your virtual machines regularly. For an example of how to automate network tasks in Azure, visit Monitor network resources with Azure automation.
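For the scheduled review described above, the following added example (not code from the original page) scans a capture for the plaintext BitTorrent handshake, a length byte of 19 followed by the string "BitTorrent protocol", and reports the endpoints involved. It assumes the capture is saved in classic pcap format with Ethernet framing; the function names and the sample capture are constructed for illustration, and peers that use protocol encryption will not match this signature.

```python
import struct

BT_HANDSHAKE = b"\x13BitTorrent protocol"  # length byte 19 + protocol string

def find_bittorrent(pcap: bytes):
    """Return (src, dst) endpoint pairs for TCP segments starting with the handshake."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if len(pcap) < 24 or endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # skip non-IPv4 frames
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] != 6 or len(ip) < ihl + 20:  # skip non-TCP or truncated packets
            continue
        tcp = ip[ihl:]
        sport, dport = struct.unpack("!HH", tcp[:4])
        payload = tcp[(tcp[12] >> 4) * 4:]  # data offset gives the TCP header length
        if payload.startswith(BT_HANDSHAKE):
            src = ".".join(map(str, ip[12:16]))
            dst = ".".join(map(str, ip[16:20]))
            hits.append((f"{src}:{sport}", f"{dst}:{dport}"))
    return hits

def _frame(src, dst, sport, dport, payload):
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: one BitTorrent handshake and one unrelated TLS-like segment."""
    frames = [
        _frame([10, 0, 0, 4], [203, 0, 113, 7], 51413, 6881, BT_HANDSHAKE + b"\x00" * 48),
        _frame([10, 0, 0, 4], [198, 51, 100, 9], 50000, 443, b"\x16\x03\x01\x00\x05hello"),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # pcap global header
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f  # per-packet record header
    return out

if __name__ == "__main__":
    for src, dst in find_bittorrent(sample_pcap()):
        print(f"BitTorrent handshake: {src} -> {dst}")
```

The reported endpoints identify which virtual machine address and remote peer to look at when removing the software or writing a blocking rule.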

