Nt1330 Unit 1 Assignment 1

SCADA (Supervisory Control and Data Acquisition) is typically a central control unit that provides high-level operational functionality as well as a control center with an interface for the process operator. Today, the rising interconnectivity of SCADA networks with the Internet and corporate office networks continues to increase their exposure to a growing risk of cyber crime, creating a critical need to improve the security of these SCADA networks. In large-scale IT infrastructures such as ICT (Information and Communication Technology), information is typically scattered across the networks and systems that monitor critical infrastructure such as SCADA, so there are many possibilities for anomalies. There are various applications of SCADA in multiple fields for monitor …
1. Often considered to be much more accurate at identifying an intrusion attempt.
2. Ease of tracking down the cause of an alarm due to the detailed log file.
3. Time is saved since administrators spend less time dealing with false positives.
1.2 Demerits of Signature Based Detection
1. Signature-based systems can only detect an intrusion attempt if it matches a pattern that is in the database, which means the database must constantly be updated.
2. Whenever a new virus or attack is identified, it can take vendors anywhere from a few hours to a few days to update their signature databases.
1.3 Merits of Anomaly Based Detection
1. New threats can be detected without having to worry about the database being up to date.
2. Very little maintenance: once the system is installed, it continues to learn about network activity and to build its profiles.
3. The longer the system is in use the more accurate it can become at identifying
They can detect zero-day attacks [16].
1.4 Demerits of Anomaly Based Detection
1. The network cannot be in a secured state while the system builds its profile.
2. If malicious activity looks like normal traffic to the system it will never send an
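
The trade-offs listed in sections 1.2 to 1.4, as an added example that is not part of the original essay: a minimal signature matcher next to a rate-baseline anomaly detector, run over constructed events. The signature strings, event fields, learning window and threshold are all assumptions chosen for illustration.

```python
from statistics import mean, stdev

# Constructed signature database: payload markers of already-known attacks.
SIGNATURES = {"SIG-001": "KNOWN_BAD_WRITE", "SIG-002": "KNOWN_BAD_RESET"}

def signature_alerts(event):
    """Return the IDs of every signature whose pattern occurs in the payload."""
    return [sid for sid, pat in SIGNATURES.items() if pat in event["payload"]]

class AnomalyDetector:
    """Learns a per-source request-rate profile, then flags statistical outliers."""
    def __init__(self, learn_n=5, threshold=3.0):
        self.learn_n, self.threshold = learn_n, threshold
        self.history = {}  # source -> list of rates accepted as normal

    def check(self, event):
        rates = self.history.setdefault(event["src"], [])
        if len(rates) < self.learn_n:
            rates.append(event["rate"])   # profile still being built: no verdict
            return "learning"
        mu, sigma = mean(rates), stdev(rates) or 1.0  # avoid divide-by-zero
        if abs(event["rate"] - mu) / sigma > self.threshold:
            return "alert"                # outliers are not added to the profile
        rates.append(event["rate"])       # keeps learning from accepted traffic
        return "normal"

def ev(payload, rate, src="hmi-1"):
    """Build one constructed event record (field names are hypothetical)."""
    return {"src": src, "payload": payload, "rate": rate}

# Constructed traffic: five baseline polls, then three test events.
EVENTS = [ev("READ_REGS", r) for r in (10, 11, 9, 10, 12)] + [
    ev("KNOWN_BAD_WRITE", 10),  # known attack sent at a normal rate
    ev("UNSEEN_CMD", 90),       # new attack with an abnormal rate
    ev("UNSEEN_CMD", 11),       # new attack that looks like normal traffic
]

def run(events):
    """Evaluate each event with both detectors, using a fresh profile."""
    det = AnomalyDetector()
    return [(signature_alerts(e), det.check(e)) for e in events]

if __name__ == "__main__":
    for e, (sig, anom) in zip(EVENTS, run(EVENTS)):
        print(f"{e['payload']:<16} rate={e['rate']:<3} signature={sig} anomaly={anom}")
```

The last three rows show each approach's blind spot: the signature matcher catches only the pattern already in its database, the anomaly detector catches only the event that deviates from the learned profile, and the event that is both new and normal-looking passes both.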