CSci530/Neuman-- Assignment #3 -- Fall 2009

Computer Science 530 - Assignment #3 -- Fall 2009

Due: Wednesday, November 18, 2009, 11:00 p.m.

Discuss the difference between anomaly detection and signature based network intrusion detection. What are the advantages and disadvantages of each approach. Provide examples of attacks that would be undetected by each approach, but detected by the other approach.
Consider once again the difference between anomaly based detection and signature based detections, but this time discuss the differences in the context of host based detectors. Consider the security software that is available for windows based PC's which has detection components and explain which kinds of security software fall into each category of detector and why. Discuss the advantages and disadvantages of each approach, when applied on a PC.

INSTRUCTION:

The report must be submitted by 11:00 p.m. on November 18, 2009. The report should be approximately 3 pages, or roughly 1200 to 1500 words. To submit your report you will use the DEN Blackboard assignent submission mechanism. You will use this method regardless of whether you are an on-campus student or a DEN student.

How to submit Assignment #3:

STEP 1. Please login to DEN, and select csci530.
STEP 2. Please select "Assignment" in the menu.
STEP 3. Please select "view/Complete Assignment #3".
STEP 4. Please select "File To Attach" to attach your report. (NOTE: PDF, MS WORD, ASCII TEXT ONLY! Other formats are NOT acceptable.)
STEP 5. Please select "Submit" button. (If you select *SAVE* button instead of *submit*, then the TA cannot view your report for grading.)

It is the individual student's responsibility to follow the submission instruction. Submissions that do not follow this instructions, e.g., submitted late (beyond any automatic extension), or only "Saved" and not submitted. may be penalized or may not be graded at all.

Students may receive an automatic extension of 48 hours total that may be applied across the three homework assignments. If you turn in one of your assignment 8 hours late, then you will only have 40 hours remaining in extensions to use on subsequent assignments. (In answer to questions I have received - since the research paper proposal is not graded, it can be turned in late without coutning against the free late assignment allowance).

GUIDELINE:

This is a lot to cover in so few words - so our advice is to write a first pass at your answer that is longer, and then edit out material that is redundant or not to the point. The use of tables can be very effective in conveying your ideas in a small area, but the tables must be integrated with your textual discussion, and not the only item in your submission.