A very clever bad guy hides inside a computer system for a long, long time without being seen. What two main security tools, one watching all the network roads and another watching what each single computer is doing, must work together to find and stop this hidden bad guy?
To find and stop a hidden bad guy who has been inside a computer system for a long time, two main security tools must work together: a network intrusion detection system (NIDS) and a host-based intrusion detection system (HIDS). The NIDS watches all the network roads, which means it inspects all the data traffic flowing in and out of the computer system across its network connections. Think of it like a security guard at the main entrance of a building, checking everyone and everything that comes and goes. The NIDS looks for suspicious patterns in this traffic, like unusual connection attempts, data exfiltration (data being stolen and sent out), or co....
Community Answers
Sign in to open profiles and full community answers.
Rohan Adhikari
“To find and stop a hidden bad guy who has been inside a computer system for a long time, two main security tools must work together: a network intrusion detection system (NIDS) and a host-based intrusion detection system (HIDS). The NIDS watches all the network roads, which means it inspects all the data traffic flowing in and out of the computer system across its network connections. Think of it like a security guard at the main entrance of a building, checking everyone and everything that comes and goes. The NIDS looks for suspicious patterns in this traffic, like unusual connection attempts, data exfiltration (data being stolen and sent out), or communication with known malicious servers. It operates by analyzing against normal network behavior to spot anomalies. The HIDS, on the other hand, watches what each single computer is doing. This is like having security cameras inside each room of the building, monitoring the activity within. The HIDS is installed on individual computers (called hosts) and monitors their internal activities. This includes looking at system logs (records of events on the computer), file integrity (checking if important system files have been modified), running processes (what programs are currently active), and user activity. The HIDS can detct malicious activities that might not be visible from the network perspective, such as malware that has already infected a system and is operating internally. When these two systems work together, the NIDS can alert the HIDS to potential threat originating from the network, and the HIDS can confirm if those threat are actually manifesting on specific computers. Conversely, the HIDS can alert the NIDS to suspicious activity on a host that might indicate an ongoing attack the NIDS has not yet fully identified. This coordinated effort creates a comprehensive security posture, allowing for the early detection and effective stopping of persistent, hidden threats by correlating network-level suspicious events with host-level suspicious activities.”
94.0%
Mohammad Muzzammil Khan
“To find and stop a hidden pesistent threat, security teams must deploy a Network Intrusion Detection System (NIDS) and a Host-based Intrusion Detection System (HIDS) in tandem. The NIDS watcheas all network roads by inspectiong incoming and outgoing traffic packets to stop anomalies like usual connection attempts ,data exfilteration, or known attack signatures. Concurrently, the HIDS monitors individual computer hosts from the inside, auditing internal activities such as logs, active running processes, and file integrity checking. Working together this dual-layered approach ensures that both network-wide traffic anomalies and unauthorised local system behaviorsare caught to eliminate the hidden adversary.”
81.0%
Mishaal Anwar
“To find a hidden attacker, NDR and EDR must work together. NDR acts like a traffic camera watching all the 'network roads' to spot unusual communication or data moving between systems, while EDR acts like a security guard on each individual computer, monitoring files and active processes for malicious behavior By combining forces (a strategy known as XDR), these tools allow security teams to peece together the attacker's full path - cath9n them whether they are traveling acroess the newteok or hiding deep insider a single”
59.0%
Gayatri Sudhakar Hire
“The two tools are network intrusion detection system and host based intrusion detection system . nids inspects traffic across the network, while HIDS monitors activity inside attackers by combining network- level suspicious event with host- level suspicious activities.”
30.0%
Saophirun Chem
“Network security solution such as TrendAI deep discovery for inspect the traffic incoming and outgoing of the organization. For endpoint server or pc we can using with XDR solution to protect and investigate and threat hunting inside the network enviornment.”
27.0%
Muhammad Aamir Riaz
“network intrusion detection system (NIDS) and a host-based intrusion detection system (hids)”
7.000000000000001%
Arunank
“NIDS(Network Intrusion Detection System) and HIDS(Host Intrusion Detection System)”
6.0%
Shan Devinda
“Network intrusion detection system (NIDS)”
3.0%
Hasinee Mirtipati
“NIDS, HIDS”
1.0%
Kabo Sekoto
“NIDS AND HIDS”
1.0%
Gazi Muhammad Abdullah Mahfuz
“123”
0.0%
David Neves De Oliveira
“caça viçoes escondidos”
0.0%