
NIDS in Airgapped LANs - Does it Matter?

File Size: 271.48 kB
Author: Winston Messer
Date: 31 December 2022
Downloads: 77 x

This paper presents an assessment of the methods and benefits of adding network intrusion detection systems (NIDS) to certain high-security, air-gapped, isolated local area networks. The proposed network architecture was empirically tested via a series of simulated network attacks on a virtualized network. The results show that an analyst's chances of receiving a specific, appropriately severe alert double when NIDS is implemented alongside host-based measures, compared to host-based measures alone. Further, the inclusion of NIDS increased the likelihood of the analyst receiving a high-severity alert in response to the simulated attack attempt by four times when compared to host-based measures alone. Despite a tendency to think that networks without cross-boundary traffic do not require boundary defense measures, such measures can significantly improve the efficiency of incident response operations on such networks.
 
 