The defense cyber security discussed and examined in this case study is the Intrusion Detection Systems (IDSs). This paper provides details pertaining to cyber-attacks as well as methodology and solutions to counterattack these said attacks with the implementation of effective cybersecurity programs such as the Intrusion Detection Systems. It further goes into depth about the Intrusion Detection Systems including but not limited to its advantages and disadvantages, how it operates to detect malicious activity and issue alerts, and the four main types of Intrusion Detection Systems which includes: Network Intrusion Detection System (NIDS), Host Intrusion Detection Systems (HIDS), Signature-based Intrusion Detection Systems, and Anomaly-based Intrusion Detection systems.
Cyber threats have been a reoccurring topic for many decades but with the increasing of technology these threats have become more and more prevalent. The definition of cyber threat is, “A threat posed by means of the Internet (a.k.a. cyberspace) and the potential source of malicious attempts to damage or disrupt a computer network, system, or application” (Turban, Pollard, & Wood, 2019). This threat lies anywhere that data can be accessed over the internet and the amount of data being stored on the internet is increasing making everyone’s information easier to access and use. These threats range from personal identity theft to huge breaches in government information. In order to combat these threats, managers of a business must be in compliance with standard cybersecurity practices.
One form of cybersecurity defense is the Intrusion Detection Systems (IDSs). Intrusion Detection Systems work to monitor network traffic for suspicious activity and issues alerts when that kind of activity is discovered (Rouse, & Rosencrance, 2018). Intrusion Detection Systems have recently become popular within the computer science field due to the increasing amount of network throughput and surrounding security threat (Liao, Richard Lin, Lin, & Tung, 2013). Intrusion Detection Systems can be broken down into four different types based on their methods used (Rouse, & Rosencrance, 2018). The different types include: Network Intrusion Detection System (NIDS), Host Intrusion Detection Systems (HIDS), Signature-based Intrusion Detection Systems, and Anomaly-based Intrusion Detection systems (Rouse, & Rosencrance, 2018). Intrusion Detection Systems can further be broken down into two categories: passive or active (Rouse, & Rosencrance, 2018). Passive IDSs that detect malicious activities generate alert or log entries while taking no actions but active IDSs generate alerts and log entries while also taking actions like blocking IP addresses and /or shutting down access to the restricted resourses (Rouse, & Rosencrance, 2018).
The main drawback to Intrusion Detection Systems is that they are prone to false alarms and may flag everyday activity as potentially malicious activity (Rouse, & Rosencrance, 2018). However, if the organization fine-tunes their IDS when first installed, it would properly configure their Intrusion Detection System to recognize the difference between their normal traffic and potentially malicious activity on their network (Rouse, & Rosencrance, 2018). Another drawback to Intrusion Detection Systems is that many practices are not able to completely monitor everything and the resources to do so can be very expensive (Liao, Richard Lin, Lin, & Tung, 2013). This furthermore contributes to companies relying on outside resources to monitor their business data which is not as safe (Liao, Richard Lin, Lin, & Tung, 2013). In order to combat this, there are the advancements of Intrusion Detection Systems as listed above as the four different types. The use of different types allows for companies to identify the threats and manage the security measures required (Liao, Richard Lin, Lin, & Tung, 2013).
As technology advances the cyber security risk for every company increases. This furthermore requires all businesses to enact cybersecurity measures, like Intrusion Detection Systems, to detect and defend against these threats. The Intrusion Detection System is able to detect malicious threats and allows businesses to identify the level of risks within their network. Although there are risks associated with the Intrusion Detection Systems, there is no doubt that it is helping to prevent cyber-attacks around the world. Intrusion Detection Systems are a very beneficial asset for any company to have, especially as technology continues to advance with leaps and bounds.