network behavior anomaly detection
Home > Security Definitions - Network behavior anomaly detection
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

network behavior anomaly detection


Show me everything on Network Behavior Anomaly Detection (NBAD)


Word of the Day


DEFINITION -

Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or trends. NBAD is an integral part of network behavior analysis (NBA), which offers security in addition to that provided by traditional anti-threat applications such as firewalls, antivirus software and spyware-detection software.

An NBAD program tracks critical network characteristics in real time and generates an alarm if a strange event or trend is detected that could indicate the presence of a threat. Large-scale examples of such characteristics include traffic volume, bandwidth use and protocol use.

An NBAD program can also monitor the behavior of individual network subscribers. In order for NBAD to be optimally effective, a baseline of normal network or user behavior must be established over a period of time. Once certain parameters have been defined as normal, any departure from one or more of them is flagged as anomalous.

NBAD should be used in addition to conventional firewalls and applications for the detection of malware. Some vendors have begun to recognize this fact by including NBA/NBAD programs as integral parts of their network security packages.

Learn more about Network Behavior Anomaly Detection (NBAD)
The key technologies in a network perimeter intrusion defense strategy: This article introduces and defines the myriad technologies and the role they play in an intrusion defense strategy.
Use BotHunter for botnet detection: Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter.
Combining NetFlow analysis with security information management systems: When NetFlow is used in conjunction with SIMs and correlated with data from other devices and layers, the combination becomes indispensable.
Security information management finally arrives, thanks to enhanced features: In this tip, Mike Rothman reveals how network-behavior analysis and log management technologies have brought some new life to the SIM market.
IDS: Signature versus anomaly detection: Learn the strengths and weaknesses of signature and anomaly detection, and how the two detection methods complement each other.

LAST UPDATED: 06 Nov 2006

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- Security Focus outlines the basics of anomaly detection.
- Lancope offers an NBA/NBAD solution called StealthWatch.
- SearchNetworking.com provides links to NBA/NBAD-related white papers and vendor information.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Trend Micro to acquire Third Brigade for virtualization, cloud security
Trend Micro said Third Brigade's technology bolsters its datacenter security strategy by helping its customers protect virtual servers and cloud...
Use BotHunter for botnet detection
Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter.
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
network behavior analysis  (SearchSecurity.com)
Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or...
nonce  (SearchSecurity.com)
A nonce, in information technology, is a number generated for a specific use, such as session authentication.




Get More network behavior anomaly detection Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts