Introduction Accounting

Introduction to branches of Accounting

Accounting is an important concept that its history can be traced back centuries ago. Many businesses, based on numerous transactions made in a day requires accountability and proper records keeping for such in information in order to enhance other activities within a business enterprise such as communication. With the absence of accounting for businesses, this would act as a stabling block for the attainment of organizational objectives such as profit maximization as management of resources requires proper innovative structures for accountability.

According to Dyson (2004) the accounting branches can be segregated into three key areas; financial, cost, tax and managerial accounting (Dyson, 2004, p.12). Accounting plays a significant role in different business enterprises especially on key areas such decision-making, giving information, protection of business from various transactions involved with other business environments and explaining the business position. Financial Accounting is the art of managing business financial recording that stipulates the business position and it progress in growth through the analysis of profits and losses. According to Babarinde (2003) financial accounting is a system that deals with explaining the situation and the state of affairs for businesses through preparation of financial statements such as the balance sheet and trade and profit loss account (Babarinde, 2003 p. 313). Financial accounting also plays a significant role in running a business enterprise as the system give the estimates of costs on products, functions, activities and the firm progress. Through financial management in a business entity can get quality information to plan through budgeting that gives estimates on expected expenditures.

Cost accounting is the system used in controlling activities of production that would regulate expenditures for the business in order to enhance profit maximization. According to Abeygunasekera and Fonseka (2013) every business has its control system that helps in cutting cost either through the production processes such as manufacturing, recruitment, training and development and delivery of services. Through such processes, cost accounting acts a system for the management to control such expenditures incurred through transactions with different business environments as well as in the processes of availing goods and services to consumers (Abeygunasekera and Fonseka, 2013).

Managerial accounting is the process that facilitates the management with information concerning the company’s progress that enhances the management in carrying out their day to day functions. The management in every business ought to have the facts in decision-making, planning, and in the development of policies and through managerial accounting such is facilitated. According to Mbroh (2013) he argued that in managerial accounting, frequent information is made obtainable to the management such as information on funds, profit and cost that gives a bulge of the business advancement and must be factual in support of truth and fairness (Mbroh, 2013).

Recommended accounting methodology for companies

It is necessary for the management of any business to how commitment in recording business transactions as this information can be retrieved for further use when such information is required. There are for instance methods of accounting that are commonly used across bossiness in the world of today. This includes the single entry and doubles entry methods that are used interchangeably in businesses. Use of double entry techniques has proved to have various advantages for many that use it. In the double entry, two columns are created for transaction entries in both what the company receives and also spends while running the business.

By following the right procedures in preparation of journals, trial balance, and final account, the use of the double entry techniques businesses benefits in different ways that is recommendable. Through such a system, the management is also to create the accounting book through a device known as the trial balance that give more accurate inform about the business transaction.

Introduction To Accounting
Introduction To Accounting

It is also easier to ascertain on the profits and losses incurred by a business if the transaction entries are properly entered in the trial balance device. According to Mbroh (2013) he also argued that a financial statement such as the balance sheet, the system gives accurate information concerning the position of the business enterprise (Mbroh, 2013). The management is also able to know if the firm has made any development such as profit maximization and growth. This as well regulates spaces for errors as the transaction entries in both the debit and the credit side should balance in the system. Through the double entry system, the management is also able to carry out a comparison study during a specific period such as between two consecutive years. It also becomes easier in making decisions for the business as the business position is made clear for instance in the trade and profit loss accounts.

References

Abeygunasekera, A.W.J.C and Fonseka, A. T (2013) Non-Compliance with Standard Practices by Small and Medium Scale Enterprises in Sri Lanka.

Babarinde A. (2003) Financial Accounting, Volume 1, Lagos: JBA Associates Ltd.

Dyson J. R (2004) Accounting For Non-Accounting Students, 6th Ed. Financial Times/ Pitman Publishing Imprint, England.

Mbroh, (2013) Control Systems Practiced By Small and Micro Enterprise Owners within the Cape Coast Metropolitan Area of Ghana in Asian Journal of Business and Management Sciences Vol. 1 No. 9 [28-47]

Click Here To View Finance Dissertations

2008 Financial Crisis

2008 Financial Crisis

The financial crisis commenced in August 2007 after the preceding inflation. The crisis became more defined throughout 2007 and gained momentum in 2008. This took place even after the financial regulators and the central banks’ tireless attempts to tame the situation. It is alleged that the main factors that influenced its manifestation include corruption, fraud, speculation, greed, bankers and bankers’ bonuses. However, the academic discourse, politics or media has been unable to solve the mystery surrounding the main causes of the crisis. The mystery is academically relevant to the world of research just like the Great Depression, whose causes are still being discussed. Other sources believe that the crisis might have been as a cause of human failures especially following the refusal to bail out the Investment Bank Lehman Brothers. The housing bubble was the immediate trigger of the 2008 financial crisis. The following were the triggers under the housing bubble.

Subprime Lending

A subprime mortgage is the mortgage that is readily acceptable without imposing strict measures of standard on it. Before the 2008 financial crisis, there existed a fierce competition between mortgage lenders. The competition between the mortgage lenders ensued from the struggle for market share and revenue. It also took place in tandem with limited supply of creditworthy borrowers which put unconditional stress on the financial institutions. The relaxing mood by the mortgage was apparent and hence less creditworthy borrowers were granted mortgages. This was a financial err due to failure to adhere to high standards of lending and hence riskier mortgages were granted to the borrowers. This was also evident in early 2003 where the Government Sponsored Enterprises (GSE), due to their conservative nature, sustained relatively high underwriting standards. The Government Sponsored Enterprises also policed mortgage originators prior to 2003 while maintaining high underwriting standards at the same time. Consequently, the market power shifted originators straight from the securitizers and hence led to tight competition between Government Sponsored Enterprises and the private securitizers. This competition undermined the power of Government Sponsored Enterprises and therefore compromised the mortgage standards. The situation also led to proliferation of risky loans.

During the years preceding the 2008 financial crisis, there was a competitive pressure that ultimately accelerated the subprime lending by the investment banks in the United States and Government Sponsored Enterprises such as Fannie Mae. The Fannie Mae became the biggest lender while the GSE relaxed their quest for the purpose of catching up with the private banks in the United States. Summarizing the subprime lending, there were low bank interest rates, existence of abundant credit and hiking prices of houses. Due to these, there was relaxation of the lending standards and hence the increase in the number of loan borrowers. Through the scheme, the borrowers were able to borrow loans to buy very expensive houses that they could not afford initially. Later on, the house prices started to decline, the loans went sour and hence the cause of shock to the financial system and the global economy. This happened prior to 2008 and hence it can be declared as the major instigator of the 2008 financial crisis

Growth of the Housing Bubble

Identification of a bubble is complicated before it bursts. It is counter intuitive to state that early detection of the housing bubble and its immediate eradication is the best mitigation practice. However, mitigation of housing bubble is the worst thing to do because it can damage the economy. It is advisable to wait for the housing bubble to burst and then respond to its effects.

The housing bubble, as far as the 2008 financial crisis is concerned, led to 124 per cent increase in the price of typical American houses. The bubble took place between 1997 and 2006-approximately one decade. The bubble had drastic consequences on the economy and especially to the home owners in the United States of America prior to the 2008 crisis. The homeowners started to finance their mortgages at very low interest rates and hence denying the financial banks room for development. Other homeowners picked on securing secondary mortgage loans due to appreciation of prices.

The housing bubble started to collapse in early 2006. Several factors led to the bursting of the housing bubble. There was decline or stagnation of the hourly wages in the United States of America between 2002 and 2009 and hence house prices could not continue rising. This is because the houses had become completely unaffordable. The second cause of bubble bursting was as a result of increased supply of houses due to the high market demand. Consequently, the supply of houses superseded the demand in the market. This case reduced monopoly by the housing providers and later increased the desired healthy competition in the housing industry. As a result, the house prices began to decline due to the high supply and less demand. The above causes were also related to the subprime lending-another cause of the 2008 financial crisis.

Increased Debt Burden or Over-Leveraging

Before the 2008 financial crisis, there was an increased leveraging of financial institutions. The institutions were very optimistic and hence they did not mind engaging in risky investments. They also set up smart measures that would cushion them from the unexpected consequences. The leverage entailed the use of complicated financial tools such as derivatives and off balance sheet securitization. This was risky because it denied the financial monitors and crediting institutions the capability to curb the impending risks. It became harder to reduce the risk levels due to the vulnerability exposure by the financial institutions and their subsequent moderations. Consequently, the measures could not curb the stress on the financial institutions and hence exacerbating bankruptcy of several commercial banks and other lending institutions.

There was evidence of over-leveraging by the financial institutions in the United States during this prime period. The financial institutions became highly indebted just before the 2008 financial crisis set in. The institutions were hence vulnerable to the failure of the housing bubble. The economic tantrums became worse in precedence to the crisis. At this time, the U.S household debt hit 127 percent in 2007, up from 77 percent in 1990. Allegedly, the debt led to economic recession that in turn led to the fall in employment rates and increased credit losses by the involved financial institutions. Other effects were also felt prior to the crisis as far as the household and the financial institutions finances are concerned. After the spread of the balance sheet leveraging across the economy, consumers started to save on the purchase of durable goods, businesses started to lay off workers, planned investments were cancelled and the financial institutions started to freeze their assets to improve their financial stability while bolstering capital.

Commodities Boom

Following the collapse of housing bubble in early 2007, prices of essential commodities increased. The increase in commodity prices was one of the very many consequences of the housing bubble burst. The housing bubble, according to economists, was very stressful to the household economy and the banking institutions at large. Consumption of certain commodities was either regulated or cut off to increase on savings and carter for the other basic needs. To prove this, it is on record that the price of oil was approximately three times the initial price. The price tripled to US $147 from a mere US $50 between 2007 and 2008. There was speculation that money was flowing from the household finances into commodities. The financial institutions were also blamed for the increased commodity prices. There existed an acute shortage of raw materials and hence increasing the cost of production. This scenario subsequently raised the prices of essential commodities. The raw material crisis was somehow contributed by the Chinese dominance in Africa and the other potential states in the world.

The soaring prices of oil directly affect the arithmetic involved in consumer spending. Most often, production cost is transferred to the consumers who are required to spend more on gasoline and gas than on the other essential commodities. During the 2008 financial crisis, house bubble was part and parcel of all these occurrences and hence its exacerbation as a result. The pending issues were not solved in accordance with the economic situation due to the surging oil prices. The oil producing countries were the main beneficiaries of this scheme as they ended up accumulating most of the wealth. Apparently, the oil importing countries had to spend more in purchasing the oil and hence the cost of commodity production in the respective states increased. The consumers were the main sufferers because they had to redirect finances from other avenues to settle the commodity bills. Copper and Nickel prices also went high prior to the crisis. Without any doubt, it is evident that the effects of the price instabilities and price variations contributed to the financial crisis.

Role of Economic Forecasting

  Economists are the principle advisors whenever economic issues such as depression, recession and stability are concerned. They are required to analyze the past financial crisis and should be responsible for forecasting any impending economic crisis. They are also required to advice the ordinary people, stakeholders and financial institutions on economic trends, future crises and the mitigation measures of mitigating them. An unfortunate occurrence took place prior to the eruption of the 2008 financial crisis. The crisis was not predicted by the mainstream economists in the United States. However, it is rife that several heterodox economics had a feeling of the occurrence of the crisis but there was an argument of misunderstanding between them. They had varying arguments on the estimating of the appropriate time of the crisis. Only 12 of the economists managed to predict the crisis. They included Eric Janszen of the US, Dean Baker of the US, Fred Harrison of the UK, Wynne Godley of the UK, Kurt Richebacher of the US, Peter Schiff of the US, Nouriesl Roubini of the US, Steven Keen of Australia and Denmark’s Jens Kjaer Sorensen.

Schools and other economic institutions also predicted the crisis. The schools based their predictions on observing the effects of artificial and laxity in the supply of money. It was also stated that the economists were unable to predict the crisis since the 1930’s global Great Depression. There were several articles including the New York Times and other university journals that had a revelation of the occurrence of the 2008 global financial crisis. However, from the economic school of thoughts’ perspective point of view, it is stated that predicting financial crises is a nearly impossible task.

Impacts on Financial Markets

The 2008 financial crisis impacted negatively on financial markets. Since the financial markets greatly affect the economy, various stakes were upheld and hence the stress on the economy. The impact was evident on the U.S stock market and the other financial institutions.

U.S Stock Market

In October 2007, the stock market in the United States peaked after exceeding the Dow Jones Industrial Average Index with 14, 000 points. In early 2008, the stock market started experiencing a steady decline until it reached approximately 6, 000 points by March 2009. The statistics started to flourish again between March 2009 and early 2011 when it exceeded 12, 000 points. The points were recorded above 13, 000 points by 2012. This was a positive improvement based on the comparison between the performances of the stock market during 2007, 2008, 2009, 2010, 2011 and 2012. The steady increase was quite beneficial to the economy of the United States at a time when it was experiencing the most drastic effects of an economic downtown.

2008 Financial Crisis
2008 Financial Crisis

Partially, the quantitative easing technique that was applied by the Federal Reserve’s economic policy of aggression was behind the success of recovery of the United States stock market. The recovery of the United States stock market back to its functional status was a welcome effect that was essential to curb the effects of the financial crisis and mitigate the future occurrences of the same caliber. The positive performance in the stock market was also attributed to various factors concerning the efforts steered by the financial community to save the economy from succumbing to the financial crisis. The poor performance by the United States’ stock market was also experienced during the Great Depression.

Financial Institutions

Financial institutions are a conglomerate of bankers and providers of banking services. Lending firms and institutions are also part and parcel of the financial institutions. There was an estimated amount of money by the International Monetary fund alleged to have been lost by the U.S banks and European banks. The estimated amount of the lost money was $ 1 trillion. The money was lost through poor techniques of loan allocations between the time period of 2007 and September 2009. Approximately 60 percent of American banks were affected while 40 percent of the banks in Europe were affected.

Northern Rock bank of Britain was one of the worst-hit banks in the European region. The bank engaged in over leveraging matters of business that later forced it to seek security and protection from the Bank of England. This led to bank-run and instilled panic among the investors in September 2007. The bank’s management was then put under the receivership of the public by the British government after failing to secure the interests of willing private investors to take control of the bank. The Northern Rock’s scenario was just an indication of the very many problems that the other financial institutions were facing. The mortgage lending firms were the most affected since most of them became bankrupt. They were unable to secure their loans and financial benefits from credit markets. Almost all financial institutions predicted danger in terms of downfall and bankruptcy. The consequences included complete failure of the institutions to survive, subjection to takeover by the government or fire-sale in terms of duress acquisition by the willing investors. Most of the U.S and European banks were completely eliminated from the financial map.

Effects on the Global Economy

Global economy is supposed to be sustained at all costs. It is responsible for diversification of the resources and economic empowerment of the countries that operate under one umbrella. When one country is hit by an economic crisis, the other countries that engage in economic activities with the affected country are likely to experience an economic shakeup. Financial crisis is just like any other crisis but its effects are the most tragic because they impair economic growth. Economic stability is beneficial to a country while its instability has negative impacts on both the country and the citizens within its borders. Matters of economic interest are given the first priority when it comes to security and protecting citizens from economic depressions and its aftermaths such as high production costs, high interests on the borrowed funds and the subsequent increase in commodity prices. Apparently, the 2008 financial crisis affected several states both directly and indirectly.

Analysis of the commentators’ suggestion is welcome for argumentation. The commentators, with too much experience in the world economic trends commented on the impending effects of liquidity on the global economy. However, if the liquidity crisis persists, recession is likely to continue manifesting. With no mitigation measures urgently put in place to curb the liquidity crisis, it is likely that even more drastic effects of the recession will be experienced. Continued persistence of the financial crisis is predicted to affect the global economy which in turn can cause a collapse of the economy if not mitigated as soon as possible. This is an argument from a group of certain forecasters. Contrary to this argument, there also exists another group of optimistic forecasters who believe that financial crisis is not likely to affect the global economy.

School of thoughts has it that the financial crisis is likely to cause a major shakeup in the banking industry due to the melt-down of loans and savings. In mid-October 2008, the Investments Banks in the United States and the United Kingdom declared that continued financial crisis was a clear-cut indication of an impending global recession. They even had the audacity to estimate the time it would take for the global recession to start manifesting itself. They estimated the minimum period before the global recession could start shaking the economy as two years or less. Later on, the economists predicted that the crisis would end soon and that it was now the beginning of its end. This was evidenced by the efforts made by financial stakeholders in the world. This action was supposed to mitigate the financial situation immediately. Subsequently, the government injected reasonable capital into the economy that facilitated the cut-down of interest rates. This was one of the initial steps meant to enhance the well-being of the interested borrowers or the borrowers who were still repaying their loans. This meant that mortgages were now more affordable or better off. Their repayment was made cheaper as compared to the previous times when they were very high.

The United Kingdom was clever enough to mitigate the effects of the financial crisis by injecting the mentioned capital into its economy. The central banks across the globe were forced to cut-down the bank interests imposed on borrowers. This sufficiently helped to revive the deteriorating economy by attracting large numbers of borrowers. The United States was also required to systematically inject capital into its economy. This was not meant to completely mitigate the crisis because the worst was expected. It was only meant to deal with the financial crisis at that time but not the main solution to the crisis and the presumably impending economic crisis such as the global economic recession.

The UBS had already estimated the presumed duration of the expected recession in various economic power houses in the world. Recession in the Euro zone was to last for an approximated period of six months, the United States was to experience it for three quarters while the United Kingdom was to face a recession that would last for four quarters. Iceland is an example of some of the commonest countries on earth to be directly affected by the financial crisis. There was a major banking collapse in Iceland. It is still rated as the world’s major banking collapse in the history of economy.

The other countries in the world were also affected by the crisis because the Unites States was by then, the biggest shareholder in the world economy. Its spending habits were very beneficial to the world and hence it is intuitive to state that the rest of the world depended greatly on its success. The negative effects on the global economy were first observed in 2009 when Japan experienced a 15% decline in its GDP, 14% in Germany, 21% in Mexico, and 7% in the UK. The other developing countries also suffered significant slowdowns in their economic trends. However, the Arab World was least affected by the financial crisis because there were different sources of finances.

Government Responses

The government of the United States was supposed to establish the most appropriate mitigation measures and thereafter implement them for the purpose of streamlining the economy and its subsequent cushioning from any future crisis. There were various measures that were lined up by the government to gain both temporary and permanent stability of the economy. The two main responses included the short-term and emergency responses and long-term responses and regulatory proposals.

The Short-Term and Emergency Responses

The central banks across the world and the US government under the jurisdiction of the Federal Reserve have put the most appropriate measures in place to facilitate money supply and prevent occurrence of deflationary spiral. Deflationary spiral is the situation where high employment rates and lower wages cause low global consumption trends. The governments are also spending and borrowing funds from outside sources to increase demand by the private sector. The Federal Reserve in the United States dealt with the emergency by expanding liquidity facilities to enable the central bank to carry on with its duty of lending money. In mid-2008, the Central Banks and the Federal Reserves responded promptly to the crisis by settling government debts and buying private assets from the hard-hit banks. The European governments and the United States raised their national banking systems’ capital by approximately U.S$ 1.5 trillion. They purchased stocks from the major banks to set-off the liquidity saga. To curb further liquidity, the U.S government decided to create currency valued at approximately 600 Billion dollars and injected them into its banks. Brave enough, the banks invested the money in foreign investments and currencies.

Long-Term Responses and Regulatory Proposals

There was a series of regulatory proposals introduced in 2009 by President Barack Obama of the U.S. The contents of the proposal included consumer protection, cushioning of bank finances, and regulation of the systems involved with shadow banking. Another proposal was to limit involvement of banks in proprietary banking. In Europe, the regulators drafted regulations for their banks. The proposals required the banks to amend their liquidity requirements, increase capital ratios and limit leverage. The regulations have since increased lending to the government by the banks and hence increasing the risk of a possible financial crisis. More lending to the government has been encouraged.

Without the long-term, short term responses and regulatory proposals, the crisis could have worsened and even led to a global economic recession. The government of the United States through its Federal Reserves, the government of the United Kingdom and the economic regulators in both countries were pivotal in mitigating the crisis and preventing a repeat of the same in the future. The short term measures were meant to deal with the situation immediately before the most appropriate long-term measures could be approved and implemented. The proposals were also implemented by various central banks across the affected nations in the world. The United States led the other nations such as the United Kingdom in the fight against the financial crisis through the most appropriate short-term and long-term responses. A positive improvement was observed as the economy started to be more stable and sustainable. The proposals were also very significant because they managed to streamline the banking systems which are still effective at the moment. There is optimism that the measures and proposals will continue to be effective for the purpose of decreasing the probability of occurrence of another financial crisis in the future. These measures and proposals are still in place up to now though with subjectivity to legislated amendments.

Response by the Congress of the United States

The United States-being the worst affected by the financial crisis-sort assistance from the law makers and the Congress. Under the leadership of President Barack Obama, the congress and the senate were required to pass the most important financial Bills into law. The Bills were meant to cushion the U.S economy from any impending financial crisis. Stability of the economy was achieved after the implementation of the Bills. At the end of 2009, the House approved a Bill titled Wall Street Reform and Consumer Protection Act 2009. The Act was enacted to protect the consumers against exorbitant prices of consumer goods and services. The interest rates were also shelved for the benefit of borrowers. Another response involved the enactment of Restoring American Financial Stability Act 2010 in mid 2010 by the U.S Senate. Several other Acts were enacted in response to the financial crisis. Meanwhile, in April 2012, a court in Iceland prosecuted a former Prime Minister for instigating the Icelandic Financial Crisis between 2008 and 2012.

Stabilization

Economic stability was the main remedy for the persisting financial crisis which impacted greatly on the global economy. Stabilization was to be achieved through the well-researched mitigation measures. The affected economies were supposed to get back on their feet after nullifying the threat from interfering with their finances. The United States and the United Kingdom were the front runners in ensuring economic stability.

The U.S recession lasted between December 2007 and June 2009. Similarly, the financial recession also ended at the same time. By the beginning of 2010, President Barack Obama declared that the markets were stable and that he had managed to retrieve the money spent on the banks during the crisis. The stability can also be evidenced by the observed growth of most stock markets. However, fundamental changes are yet to be made on financial markets and banking.

Bibliography

Duhigg, Charles (October 4, 2008). “NYT-The Reckoning-Pressured to Take More Risk, Fannie Reached Tipping Point”. The New York Times. Retrieved March 22, 2013.

Ivashina, Victoria and Scharfstein, David. Bank Lending During the Financial Crisis of 2008. Working Paper. Harvard: Harvard Business School, 2008.

Jickling, Mark. Causes of the Financial Crisis. April 9, 2010.

John B. Taylor, “The Financial Crisis and the Policy Responses: An Empirical Analysis of What Went Wrong”, November 2008, pp13-14.

Koller, Cynthia A. (2012). “White Collar Crime in Housing: Mortgage Fraud in the United States.” El Paso, TX: LFB Scholarly.

Markus, Brunnermeier, Deciphering the Liquidity and Credit Crunch 2007–2008, Journal of Economic Perspectives, 23:1, Winter 2009.

Simkovic, Michael. “Secret Liens and the Financial Crisis of 2008” American Bankruptcy Law Journal, Vol. 83, p. 253, 2009.

Smith, Gregory. US House Committee on Oversight and Government Reform, Hearing on causes and effects of the Lehman Brothers bankruptcy, 6 October 2008.

Stewart, James B. “Eight Days: the battle to save the American financial system”,

The New Yorker magazine, September 21, 2009. Pages 58–81.

Troshkin, Maxim. Technical Notes on Facts and Myths about the Financial Crisis of 2008. Working Paper 667, Federal Reserve Bank of Minneapolis, 2008, 12.

Williams, Carol J.). “Euro crisis imperils recovering global economy, OECD warns”. (May 22, 2012) Los Angeles Times.

“World Economic Outlook: Financial Crisis and Recovery, April 2009” (PDF). Retrieved March 8, 2013. Federal Deposit Insurance Corporation, History of the Eighties – Lessons for the Future, Vol. 1.

Click Here To View Finance Dissertations

Cloud Based Intrusion Detection Systems

Managing Cloud Based Intrusion Detection Systems (IDSs) in Large Organizations

Intrusion Detection Systems (IDSs) are becoming the important priority to secure the organizations’ IT resources from potential damages. However, organizations experience a number of challenges during IDS deployment. The preliminary challenges of IDS deployment involve product selection according to organizational requirements and goals followed by IDS installation. IDS installations frequently fail due to resource conflicts and the lack of expertise necessary for the successful installation. Post installation phases of IDS involve a number of challenges associated with proper configuration and tuning that requires advance skills and supports. Organizations can overcome many obstacles of product installation and IDS configuration through maintaining a test-bed and phased deployment. Once IDS is operational, IDS data undergo various levels of analysis and correlation. To perform data analysis tasks, administrators require advance programing and networking skills and an in-depth knowledge on organizational network, security, and information architecture. Sometimes large organizations need to correlate data from multiple IDSs products. One potential solution to that is the use of SIEM (Security Information and Event Management) software. Organizations also need to ensure the security and integrity of various IDS components and data. Agents’ and data security can be overcome by maintaining a more autonomous design in the agent structure and incorporating appropriate formats, protocols, and cryptographic arrangements in different phases of data lifecycle. IDS products require ongoing human interaction for tuning, configuration, monitoring and maintenance. Hence, Organizations need to gather different levels of skills for the proper deployment and operation of IDS products.

Managing Cloud Based Intrusion Detection Systems in Large Organizations

Intrusion detection is the surveillance of computer hosts and associated networks through observing various events and identifying signs of unauthorized and unprivileged accesses and other anomalous activities that can compromise the confidentiality, availability, and integrity of the system (Singh, Gupta, & Kumar, 2011; Sundaram, 1996; Lasheng & Chantal, 2009). With rising number of malicious attacks on organizational information network, intrusion detections and security incident responses have become the key priorities to organizational security architecture since the widespread industrial adoption of network during the 1990s (Yee, 2003). Today, the placement of a dedicated intrusion detection system (IDS) in organizational IT system is one of the important considerations for organizations (Werlinger, et al., 2008). The aim of intrusion detection system is to ensure adequate privacy and security of the information architecture and save IT resources from potential damages from various internal and external threats (Scarfone & Mell, 2007). Intrusion detection systems (IDSs) monitor and record activities or events in computer and network environment and then analyze them to identify the intrusion.

With industry’s wide spread adoption, intrusion detection systems have become the de facto security tools in corporate worlds. Major organizations and governmental institutions have already deployed or on the verge of deploying IDSs to secure their corporate networks. However, the deployment of IDS, particularly in the distributed network of a large organization, is a non-trivial task. The complexity and the time required for installation depends upon the number of machines that need to be protected, the ways those machines are connected to the network, and the depth of surveillance the organizations need to achieve (Iheagwara, 2003; Innella, McMiIlan & Trout, 2002). As a result, large organizations need elaborate planning during different phases of IDS deployment, including during product evaluation and testing, suitable placement of IDS agents and managers, configuration of IDS components, integration of IDSs with other surveillance products, etc. (Bye, Camtepe, & Albayrak, 2010; Bace & Mell, 2001) The aim of this paper is to discuss various challenges associated with IDS deployment in large-scale distributed network of big corporations. Particular emphases are given to the various challenges associated with the management of agents, collection of agent data, and the correlation of IDS data to identify possible intrusions in large scale distributed networks. The paper will also discuss various “real-world” encounters during different stages of IDS deployment, such as, during evaluation of products, IDS installation and configuration, management and ongoing operation, etc. and make necessary recommendations to overcome those difficulties.

Why are Intrusion Detection Systems Required for Large Organizations?

Networks are ubiquitous in today’s business landscape. Organizations harness network power to develop sophisticated information system, to utilize distributed and secured data storage, and to provide valuable web-based customer services. Software vendors provide their applications to the end users through networks. Networks allow employees to gain remote accesses to their offices or organizational resources. These proliferations of network activities have flooded the internet with different classes of cyber threats, including different classes of hackers, rogue employees, and cyber terrorists. A significant number of these threats derive from competitor organizations seeking to exploit organizational resources or to disrupt productivity and competitive advantages. In recent years, the proliferation of heterogeneous computer networks, including a vast number of cloud networks, has increased the amount of invasive activities. Today cloud based e-commerce sites and business services are major targets of attackers. The damaging costs resulting from cyber-attacks are substantial. The traditional prevention techniques, such as secured authentication, data encryption, various software and hardware firewalls are often inadequate to prevent these threats (Rao, Pal, & Patra, 2009; Anderson, Frivold, & Valdes, 1995). Various kinds of system vulnerabilities are undeniable or typical features of computer and network systems. The intruders frequently search for various weaknesses of defensive products, such as a subtle weak point in the firewall configuration, or a loosely defined authentication mechanism. Hence, the investment in an intrusion detection system within an organization’s security architecture as a second line defense mechanism can increase the overall security postures of the system.

Overview of IDS

General Architecture

A distributed agent-based architecture consists of two main components–i) IDS agents and ii) the management server (Beg, Naru, Ashraf, & Mohsin, 2010). An agent is a software entity that perceives different aspects of its location (networks and hosts) and capable of acting itself according to the supplied protocols (Boudaoud et al., 2000; Mell et al., 1999). Intrusion Detection Systems agents work independently (Brahmi, Yahia, & Poncelet, 2011), interact with central management servers, follow protocols according to the systems’ requirements, and collaborate with other agents in an intelligent manner (Lasheng, & Chantal, 2009). The management server is the cornerstone of an IDS that facilitates centralized management of IDS components. This includes tuning, configuration and control of distributed agents; aggregation and storage of data sent by various agents; correlation of distributed data to identify intrusions; and the generation of alerts (Chatzigiannakis et al., 2004). The central node also performs any update and upgrading of the system (Chatzigiannakis et al., 2004). In case of a mobile agent based distributed IDS, the management server also responsible for dispatching agents and maintaining communication with them. The difference between a normal and a distributed agent based Intrusion Detection Systems is that in a distributed IDS, the significant part of analysis tasks are performed by the agents situated across the network. The agents maintain a flat architectural structure communicating only the main results to the central server as opposed to sending all data to the central node through a hierarchical structure.

IDSs Classification

Based on the locations on which IDS agents are distributed, IDSs can be categorized into two broad classes–hosts based and network based.

Host based IDS. A host intrusion detection system (HIDS) is installed and run on an individual host where it investigates all inbound and outbound packets associated with that host to identify intrusion (Singh, Gupta, & Kumar, 2011; Neelima & Prasanna, 2013). Besides network packets, HIDSs also monitor various system data, such as event logs, operating system processes, file system integrity, and unusual changes to various configuration settings (Scarfone & Mell, 2007; Bace & Mell, 2001; Kittel, 2010). The architecture of a host based IDS is very straight forward. The detection agents are installed on the hosts, and the agents communicate over the existing organizational network (Scarfone & Mell, 2007). The event data are transmitted to the management server and are manipulated through a console or command line interface (Scarfone & Mell, 2007; Ghosh & Sen, 2005). Host-based IDSs have greater analysis capabilities due to the availability of dedicated resources to the IDS (i.e., processing, storage, etc.) and hence work with a greater degree of accuracy (Bace & Mell, 2001; Garfinkel & Rosenblum, 2003). However, HIDSs have some limitations. Installation, configuration, and maintenance of the IDS must be performed in each host individually, which is extremely time consuming (Scarfone & Mell, 2007; Bace & Mell, 2001). HIDSs are also vulnerable themselves due to their poor real-time responses (Bace & Mell, 2001; Kozu.shko, 2003). However, host based IDSs are excellent choices for identifying long term attacks (Kozushko, 2003).

Cloud Based Intrusion Detection Systems
Cloud Based Intrusion Detection Systems

Network based IDS. Network based IDSs identify intrusions through analyzing traffics of a dedicated organizational network in order to secure the associated hosts from malicious attacks (Bace & Mell, 2001). Instead of investigating various activities within the hosts, network based IDSs focus only on packet streams that travel through the network. Network IDSs investigate network, transport, and application protocols and the various network activities, such as port scanning, connection status, port access, etc. to determine attacks. In a network based IDS, multiple sensors or agents are placed on various strategic points on the network (Singh, Gupta, & Kumar, 2011) where they guard a particular segment of network (Scarfone & Mell, 2007), perform local analysis of traffics with the associated hosts, and communicate the results to the central management server. The results from various agents are coordinated to identify planned distributed attacks within the organizational network. ( Bace & Mell, 2001). Network based IDSs are faster to implement and more secured than host-based IDSs. However, there are some disadvantages of NIDSs. One of them is the frequent dropping of packets which normally occurs in a network with high traffic density or during the periods of high network activities (Bace & Mell, 2001; Chatzigiannakis et al., 2004). Network based IDSs are unable to process encrypted information, which is a major drawback in monitoring virtual machine hosts (Bace & Mell, 2001). Network based IDSs only identify signs of attacks but cannot ensure whether the target host is infected (Bace & Mell, 2001), and thus, the manual investigation of host is necessary to trace and confirm associated attacks.

IDS Classification According to the Detection Approaches

According to the mechanism of or approaches to intrusion detection, IDSs can be classified further into two categories: i) anomaly based detection system and ii) misuse or signature based detection system.

Anomaly based detection system. Anomaly detection system is based on the principle that all intrusions are linked with some deviations of normal behavioral patterns (Maciá-Pérez et al., 2011; Ghosh & Sen, 2005; Abraham & Thomas, 2005; Singh, Gupta, & Kumar, 2011). It identifies intrusions by comparing the patterns of suspicious events against the observed behavioral patterns of the monitored system (Beg, Naru, Ashraf, & Mohsin, 2010). The anomaly detection programs collect historical data from the system and construct individual profiles that represent normal patterns of host and network utilization (Bace & Mell, 2001). The constructed database along with appropriate algorithm is used to verify the consistency of the network packets. Anomaly detection agents are preferable in that they can detect attacks that are completely unrecognized before (Beg, Naru, Ashraf, & Mohsin, 2010; Kozushko, 2003). However, the rates of false positive generated by the agents are very high (Ghosh & Sen, 2005; Brahmi et al., 2012), and intruders may disguise themselves by mimicking acceptable behavioral patterns (Ghosh & Sen, 2005).

Misuse or signature based detection system. Misuse detection approaches depend upon the records of existing system vulnerabilities and known attack patterns (Abraham & Thomas, 2005). Misuse detection systems generate fewer false positives compared to the anomaly detection systems (Ghosh & Sen, 2005; Faysel & Haque, 2010). They are also easy to operate and require minimum human interventions. However, misuse detection techniques are vulnerable to new attacks that have no known signature or matching pattern (Brahmi, Yahia, & Poncelet, 2011; Ghosh & Sen, 2005). So, the signature database of a misuse detection system needs to be frequently updated to recognize the most recent attacks (Scarfone & Mell, 2007). 

IDS Design and Development Challenges

Challenges in Managing Intrusion in Distributed Network

In recent years, security concerns are shifting from host to network due to the proliferation of internet based services, distributed work environment, and heterogeneous networks. The majority of the current IDS vendors are adopting network based and distributed approaches to security in their products (Suryawanshi et al., n. d.). However, there are a number of limitations to most of the distributed IDSs. Firstly, the monitoring agents from the distributed hosts and network send event data to the centralized controller components (Suryawanshi et al., n. d.; Brahmi, Yahia, & Poncelet, 2011; Kannadiga & Zulkernine, 2005). Because of the centralized data analysis performed, these systems are vulnerable to a single point of failure (Bye, Camtepe, & Albayrak, 2010; Zhai, Hu, & Weiming, 2014; Brahmi et al., 2012; Tolba et al., 2005; Araújo & Abdelouahab, 2012). Secondly, the architecture of these systems consists of a hierarchical tree-like structure with the main control system at the root level, sensor units at transient or leaf nodes and information aggregation units at some internal nodes. Information collected from local nodes is aggregated at the root level to obtain a global view of the system (Brahmi et al., 2012). Large scale data transfer from transient nodes to the central controller unit during the aggregation process can create network overloads (Suryawanshi et al., n. d.).

These results in a communication delay and an inability to detect large scale distributed attacks efficiently in a real-time manner (Brahmi et al., 2012). In order to overcome these limitations, recent IDSs incorporate various technologies supporting agent-based data analysis and intrusion detection, where agents perform most analysis tasks and send only the important data to the centralized nodes directly through a flat communication structure. Multi-agent based distributed intrusion detection systems (DIDS) are partly autonomous systems capable of self-configuring upon changing contexts of network and hosts and disseminating their analytical capabilities in different corners of network in a distributed manner (Gunawan et al., 2011; Tierney et al., 2001). Through adopting a hybrid approach, such as both the network and host monitoring as well as implementing both anomalous and signature detection methods, distributed agents can coordinate the results of hosts and networks more accurately and perform more comprehensive intrusion detection (Abraham & Thomas, 2005; Brahmi et al., 2012).

Major Challenges with Distributed IDS

The most important challenges associated with distributed IDSs are the correct placement of agents (Sterne et al., 2005). Large number of misplaced agents can drive inefficiency and therefore agent locations must be justified through proper investigation of network topology, such as the characteristics of routers and switches, number of hosts, etc. (Chatzigiannakis et al., 2004). Another major challenge is how the heterogeneous data from different sensors should be collected and analyzed to identify an attack (Chatzigiannakis et al., 2004; Debar & Wespi, 2001). Furthermore, being distributed in nature, agents are vulnerable to become compromised themselves. Agents need to follow a common communication protocol and transfer data to centralized server securely without producing too much extra traffic (Chatzigiannakis et al., 2004). Agents’ security and integrity also largely maintained and ensured by the management server. Hence, securing the management server is an important task for the overall security of an IDS. Organizations should consider a dedicated server for the entire management host (Wotring, 2010), which will lower the number of accesses in the server and eventually reduce the exposure to vulnerability. Further restrictions to both physical and network accesses in the management server must be incorporated through proper authentication mechanism and physical restrictions to the server areas. Sometimes the management server can be put behind a dedicated firewall to enhance the security status (Wotring, 2010; Brennan, 2002).

Deployment Challenges of IDS

Consideration before Deploying an IDS

Due to the various limitations of IDS products and a lack of skilled network security specialists in the market, IDS deployment in large organizational network involves substantial challenges. A successful IDS deployment requires elaborate planning, requirement analysis, prototyping, testing, and training arrangement (Bace & Mell, 2001). A requirement analysis is conducted to prepare an IDC policy document that demonstrates the organization’s structure and resources and reflects its IDS strategies, security policies, and goals (Bace & Mell, 2001). Before specifying organizational requirements, it should be borne in mind that an IDS is not a standalone security application, and the main objective of an IDS is to monitor traffic on the organization’s internal network in order to complement existing security controls (Werlinger, et al., 2008).

Specifying system architecture. Before evaluating and selecting an IDS product, organizations should specify the important requirements for which they seek a potential IDS solution. In order to accomplish this goal, organizations may plan and document important properties of their system, such as –i) system and network characteristics; ii) network architecture diagram; iii) technical specifications of the IT environment, including the operating systems, typical services, the applications running on various hosts, etc.; iv) technical specifications of security structure, including existing IDSs, firewalls, antivirus tools, and various hardware appliances; v) existing network communication protocols; etc. (Scarfone & Mell, 2007; Brandao et al., 2006). These considerations will help organizations to determine which type of IDS is necessary to give optimum protections of their systems.

Specifying goals. Once the system architecture and general requirements of the system is documented, the next steps is to specify technical, operational, and business related security goals that the organization wants to achieve by implementing an IDS (Bace & Mell, 2001; Scarfone & Mell, 2007). Some of these goals may be i) guarding the network from particular threats; ii) preventing unprivileged accesses; iii) protecting important organizational assets; iv) exerting managerial controls over the network; v) preventing violations of security or IT policies through observing and recording suspicious network activities; etc. (Scarfone & Mell, 2007). Some security requirements may have implications with organizational culture; such as, the organization that maintains a high degree of formalization in its culture may look for IDSs suitable for various formal policy configurations and extensive reporting capabilities regarding policy violations (Bace & Mell, 2001). A few security goals may derive from external requirements that the organizations may need to achieve, such as legal requirements for the protection of public information, audit requirements for security practices, or any accreditation requirement (Bace & Mell, 2001). There may be industry specific requirements, and organizations need to ensure whether the proposed IDS can meet those (Bace & Mell, 2001).

Specifying constraints. IDSs are typically resource intensive applications that need substantial organizational commitments. The most important constraints that organizations need to take into account are the budgetary considerations for the acquisition of software and hardware, infrastructure development, and for the ongoing operation and maintenance. Organizations should identify IDSs’ functional requirements or the users’ skill requirements to operate them effectively (Bace & Mell, 2001). Organizations that will not be able to incorporate substantial human resources in IDS monitoring and maintenance activities should choose an IDS that is more automated and requires little staff time (Scarfone & Mell, 2007).

Product Evaluation Challenges

The evaluation of an IDS product is the most challenging aspect on which the success of intrusion detection depends. Today there are a range of commercial and public domain products available for deployment (McHugh, Christie, & Allen, 2000). Each product has distinct drawbacks and advantages. While some products work well in particular types of organizational network, some IDSs may not produce desired results in certain industrial settings. In order to overcome these challenges, organizations must evaluate an IDS product in terms of their system resources and protection requirements (McHugh, Christie, & Allen, 2000). Vendor-specific information, product manuals, whitepapers, third-party reviews, and information from other trusted sources can be valuable resources during the product evaluation (Scarfone & Mell, 2007). IDSs’ detection accuracy, usability, life cycle costs, vendor supports, etc. are some of the most critical aspects during product evaluation. Other features that must be taken into account are security, interoperability, scalability and reporting capabilities (McHugh, Christie, & Allen, 2000; Scarfone & Mell, 2007).

Product performance. The performance of IDS is the measure of event processing speed (Debar, Dacier, & Wespi, 1999). The performance feature of IDS products must take a very high degree of attention, as the anomalous or suspicious events must be detected in real-time and reported as soon as possible to minimize damages (Mell et al., 1999; Scarfone & Mell, 2007). Network based IDSs normally suffer from performance problems, particularly where IDSs have to monitor heavy traffic associated with lots of hosts in a distributed network (McHugh, Christie, & Allen, 2000). The performance of IDSs also largely depends on extensive configuration and fine-grained tuning according to the network architecture (Scarfone & Mell, 2007), and testing IDSs with default settings may not represent original performance of the product. These make the evaluation of the product performance extremely challenging. In addition, IDSs with more robust detection capabilities will consume more processing and storage, which can cause the performance loss (Scarfone & Mell, 2007; Yee, 2003). Hence, the scalability feature that allows IDSs dynamically allocate processing power and storage can be one of the important performance evaluation criteria (Mell et al., 1999).

Security considerations. During the evaluation of an IDS product, various technologies and features associated with product security must be taken into account, such as protection of stored data, protection of transmitted data during communication between various IDS components, authentication and access control mechanisms, IDS hardening features after product installation, etc. (Scarfone & Mell, 2007). Organizations need to identify whether the IDS is resistant to external modifications (Kittel, 2010). This can be accomplished by checking various features, such as the level of isolation (in case of VMI base IDS) (Kittel T, 2010); cryptographic arrangements during inter-agent communication (Mell et al., 1999); isolated monitoring features; (Kourai & Chiba, 2005); etc.

Interoperability, scalability, and reporting features. Interoperability is one of the key challenges for security specialists who aim to develop sophisticated enterprise security architecture incorporating the industry’s leading tools (Yee, 2003). Through interoperability features, IDSs from various platforms are able to correlate their results and effectively communicate data with firewalls and security management tools to enhance the overall surveillance status of the system (Yee, 2003; Scarfone & Mell, 2007). While the interoperability feature provides IDSs with the capabilities to integrate their strengths among multiple security products, the scalability feature helps to incorporate more capabilities within a single IDS product as the organizational requirements grow. For large organizations, IDSs must be able to dynamically allocate processing and storage or be able to implement more agents and various IDS components with the extending demands (Mell et al., 1999). The number of agents implementable in a single management server and the number of management servers in a particular stance of deployment may reflect an IDS’s scalable capacity (Scarfone & Mell, 2007). Another feature that reflects more of the usability than the functionality of an IDS is its reporting capabilities. Technical IDS data needs to be presented in a comprehensible format to the corporate users with various skill levels (Werlinger, et al., 2008). The reporting functionalities help tailoring and presenting data in users’ intended and convenient ways. IDSs should facilitate a comparative view of various states over time, such as before and after the implementation of major changes to the configuration, etc. (Werlinger, et al., 2008).

IDSs maintenance and product supports. Because maintenance activities take substantial overheads in operating IDSs, organizations should give various maintenance considerations as the important priorities during an IDS product selection. These include the requirement of independent versus centralized management of agents; considerations of various local and remote maintenance mechanisms, such as host based GUI, web-based console, command line interfaces, etc.; security protections during various maintenance activities, such as securely transmitting, storing, and backing up IDS data; ease of restoration of various configuration settings; ease of log file maintenance; etc. (Scarfone & Mell, 2007).

Organizations require various levels of supports and should identify vendors’ ability in providing active supports according to the requirements during various stages of installation and configuration (Bace & Mell, 2001; Scarfone & Mell, 2007). Apart from on-demand and direct supports, organizations should check whether the vendors maintain users’ groups, mailing lists, forums and similar categories of support in a free of cost manner (Scarfone & Mell, 2007). The quality and availability of various electronic and paper based support documents, such as installation guides, users’ manuals, policy recommendation principles and guidelines, etc. are some of the typical features on which an IDS product can be justified in considerable extents (Scarfone & Mell, 2007). Organizations also need to carefully evaluate various costs associated with the support structure (Bace & Mell, 2001). A significant part of IDSs’ costs normally derives from the hidden costs associated with professional support services during IDS implementation and maintenance, including the training costs for both the administrators and IDS users (Yee, 2003; Bace & Mell, 2001). Organizations also need to recognize the costs of updates and upgrades if they are not free (Bace & Mell, 2001). In addition, the vendors’ capabilities to frequently release updates and patches as well as their capabilities to release the updates in a timely manner in response to new threats; conveniences of collection of each update; available means to verify the authenticity and integrity of individual updates; the effects of each update and upgrade with existing configurations of the IDS; etc. also need to be considered (Scarfone & Mell, 2007).

IDS Installation and Deployment Challenges

The biggest hurdle of IDSs is associated with the installation of the software (Werlinger, et al., 2008). IDS installations require the involvement of security specialists with a broad knowledge on IT and network security and protocols and an in-depth understanding on the organizational structure, resources, and goals (Werlinger, et al., 2008; McHugh, Christie, & Allen, 2000). Unlike other security products installations, an IDS installation is a time consuming and complex process, and the administrators have to face plenty of issues during the installation period. For example, the entire installation may crash in the middle of the installation, or the IDSs may produce inconsistence error messages that are difficult to deal with (Werlinger, et al., 2008). Due to these reasons, careful documentations of various problems and installation information (e.g., various parameters and settings) are necessary during installation, which can save valuable time and resources over the long run (Innella, McMiIlan & Trout, 2002). The amount of tasks and efforts necessary to install an IDS in a specific network can be daunting and overwhelming (Werlinger, et al., 2008). Hence, the availability of automated features in the Intrusion Detection Systems, such as automatic discovery of network devices, faster and more automated tuning options, and quick configuration supports through grouping related parameters, etc. can overcome the challenges with manually performing those tasks (Werlinger, et al., 2008).

Organizations should consider testing IDSs in a simulated environment before placing them in the actual network to overcome various challenges associated with large and complex network (Werlinger, et al., 2008; Scarfone & Mell, 2007). Some of these challenges are: i) the IDS software or network may crash during installation or testing periods due to the resource conflicts within various parts of the network (Scarfone & Mell, 2007), ii) IDS installation may alter the network characteristics undesirably, or iii) problems during the installation may keep the network temporarily unavailable. Organizations also need to consider a multi-phased installation by primarily selecting a small part of the network with limited number of hosts, or initially activating a few sensors or agents (Scarfone & Mell, 2007). Both test-bed and multi-phased installations will help security specialists to gain valuable insights through planning and rehearsal processes. This can help them to cope with various challenges associated with the installation, scalability, and configuration related problems (Scarfone & Mell, 2007), such as tuning and configuring properly to get rid of large amount of false alarms or efficiently dealing with huge traffics in a robust network (Werlinger, et al., 2008). Based upon various IDS technologies and the system’s characteristics, IDSs require different level of ongoing human interactions and dedication of resources (Bace & Mell, 2001). A multi-phased installation will help to justify the human resources and time that an organization needs to incorporate (Bace & Mell, 2001).

Configuring and Validating IDS

IDS configuration challenges. Whether an IDS will perform as an effective surveillance tool for an organization relies upon the informed justification of various configuration and tuning options and the dedication of resources based upon the IDS’s requirements (Werlinger, et al., 2008). The administrators require an in-depth knowledge on organizational missions, organizational processes, and existing IT services during the configuration process (Werlinger, et al., 2008). This knowledge is necessary to accustom the IDS according to the system structure, users’ behavior, and network traffic patterns, which will subsequently help to reduce the false positive generated by the IDS (Werlinger, et al., 2008). Initially, these challenges can be overcome during an installation through the collaboration of experts or security specialists administering different areas of network and servers within the distributed network (Werlinger, et al., 2008). Organizations should follow their existing security policies to configure various features of IDSs that may help them to recognize various policy violations (Bace & Mell, 2001). Following are the most important considerations that need to be ensured during IDSs configuration.

  1. Justifying the placement of agents to guard mission critical assets (McHugh, Christie, & Allen, 2000);
  2. Aligning IDS configurations with organizational security policies (McHugh, Christie, & Allen, 2000);
  • Installing most up-to-date signatures and updates during the initial stages of installation (McHugh, Christie, & Allen, 2000);
  1. Creating users’ accounts and assign roles and responsibilities (McHugh, Christie, & Allen, 2000);
  2. Customizing filters to generate appropriate levels of alerts;
  3. Determining IDS’s alert handling procedures and correlating alerts with other

IDSs (if exist), existing firewalls, and the system or application logs (McHugh, Christie, & Allen, 2000). The interoperability features of IDSs and the use of common alert formats will allow the administrators to integrate data and alerts (McHugh, Christie, & Allen, 2000).

Security hardening and policy enforcement. Sometimes IDSs may be the attackers’ primary targets, and security hardening is necessary to ensure IDSs’ safety (Scarfone & Mell, 2007). The important tasks during security hardening involve; i) hardening IDSs through implementing latest patches and signature updates immediately after installation; ii) creating separate users’ accounts for general users and administrators with the appropriate level of privileges (Scarfone & Mell, 2007); iii) controlling access to various firewalls, routers, and packet filtering devices; iv) securing IDS communication by implementing suitable encryption technology (Scarfone & Mell, 2007); etc.

Ongoing Operation and Maintenance Challenges

Monitoring, operation, and maintenance of distributed IDSs are normally conducted remotely through the management console or GUI (i.e., menus or options). In addition, command line interfaces may facilitate local management of IDS components. Ongoing operation and maintenance of IDSs are substantial challenges for organizations, which require basic knowledge on system and network administration, information security policies, various IDS principles, organizations’ security policies, and incidence response guidelines (Scarfone & Mell, 2007). Sometimes, there requires some advance skills, such as advance manipulating skills (e.g., report generation) and programming skills (e.g., code customization). The most important operation and maintenance activities are:

  1. performing monitoring, analysis, and reporting activities;
  2. managing IDSs for appropriate level of protections, such as re-configuring IDS components with the necessary changes to the network, applying updates, etc.; and
  3. managing skills for ongoing operation and maintenance. (Scarfone & Mell, 2007).

Monitoring, analysis and reporting. Successful monitoring of IDSs involves monitoring of network traffics and the proper recognition of suspicious behavior. The important tasks during ongoing monitoring includes i) monitoring various IDS components to ensure security (Scarfone & Mell, 2007); ii) monitoring and verifying different operations, such as events processing, alert generations, etc. (Scarfone & Mell, 2007); and iii) periodic vulnerability assessments. IDSs’ vulnerability assessments are conducted through appropriate level of analyses by incorporating various IDS features and tools and by correlating agents’ data (Scarfone & Mell, 2007). For ease of monitoring, IDSs require to generate reports in readable formats, which is done through various levels of customization of views (Scarfone & Mell, 2007). Because monitoring and maintenance involve substantial human interventions, these can consume lots of staff time and resources. Organizations can overcome these challenges in two major ways: i) customizing and automating tasks to enhance control over maintenance activities (Scarfone & Mell, 2007) and ii) incorporating smart sensors that work autonomously in the network to analyze the traffics and recognize trends and patterns (Scarfone & Mell, 2007).

Applying updates. Regular IDS updates need to be implemented in order to achieve appropriate protections for both IDSs and the system. Security officials need to check vendors’ notifications of security information and updates periodically and apply them as soon as they are released (Scarfone & Mell, 2007). Both software updates and signature updates are important for IDS security and appropriate functioning. A software update provides bug fixes and new features to the various components of an IDS product, including sensors or agents, management servers, consoles, etc. (Scarfone & Mell, 2007). A signature update enhances IDSs’ detection capabilities through updating configuration data. Hackers can alter the code of updates; so, verifying the checksum of each update is crucial before applying the update (Scarfone & Mell, 2007; Mell et al., 1999; Hegarty et al., 2009). Apart from software updates, organizations need to justify the positioning of IDS agents and components and ensure their optimal placement by periodically reviewing the network configurations and changes (McHugh, Christie, & Allen, 2000).

Retaining existing IDS configurations is a vital consideration before applying an update. Usually, normal updates will not change existing IDS configurations. But, IDS codes that are tailored and customized by the administrators to incorporate desirable functionalities may be altered during code updates. However, administrators should save and backup both customized codes and configuration settings before applying updates (Scarfone & Mell, 2007). Drastically applying updates to the IDS system or components also poses certain challenges. New signatures or detection capabilities can cause a sudden flooding of alerts (Scarfone & Mell, 2007). To detect and overcome the problematic signature from the updates, administrators should test the signature and software updates in a smaller scale or within a specific host or agent (Scarfone & Mell, 2007).

Generating skills. The ongoing operation and maintenance of IDSs and the appropriate utilization of IDS data require security officials with a set of skills and knowledge. Security teams of many organizations are unable to conduct customization or tuning of IDS products based on the IDS data in their own networks within reasonable time frame (Werlinger, et al., 2008). To ensure the effective manipulation of IDSs in both the user and administrator levels, organizations must consider providing training to all stakeholders involved in IDSs operations. This includes acquiring skills on general IDS principles, operating consoles, customizing and tuning IDS components, generating reports, etc. (Scarfone & Mell, 2007). Organizations should take available training options into considerations according to the users’ needs and conveniences, such as online training, CBT, instructor-led training, lab practices, hands-on exercises, etc. (Scarfone & Mell, 2007). Organizations may also utilize various information resources (Scarfone & Mell, 2007), such as various electronic and paper based documents (e.g., installation guides, users’ manuals, policy recommendation principles and guidelines, etc.) to generate skills required during installation and maintenance activities (Scarfone & Mell, 2007).

Managing Distributed Intrusion Detection System Agents

Managing Agents in a Distributed Environment

Different distributed IDS architecture consists of varieties of role-based agents, such as sniffer, filter, misuse detection, anomalous detection, rule mining, reporter agents, etc. (Scarfone & Mell, 2007; Anderson, Frivold & Valdes, 1995). The distribution of intrusion detection tasks among agents substantially reduce IDSs’ operation loads and increase performance. However, one challenge associated with distributed IDSs is the management of large number of agents. IDS agents in many global companies sit on different geographical regions (Innella, McMiIlan & Trout, 2002). To optimize IDSs’ performance and save valuable resources, large organizations need to justify the options between centralized versus distributed management of agents (Innella, McMiIlan & Trout, 2002). If the management of an IDS does not involve several administrators or a hierarchical structure, a centralize approach of IDS management can provide number of benefits over distributed management (Innella, McMiIlan & Trout, 2002). First, it simplifies the network structure and reduces the vulnerability points through reducing the requirement of multiple agents and sensors. Second, the simplified structure will reduce the management costs and other overheads (Innella, McMiIlan & Trout, 2002). Overall, it reduces the network data transportation costs through minimizing the travel of agent data to multiple IDS managers. Organizations should choose the most efficient approach to data collection, and a centralized management can facilitate administrators to coordinate multiple IDSs or agents efficiently through the smooth and uncluttered network (Innella, McMiIlan & Trout, 2002).

Another challenge of managing distributed agents is to ensure agents’ integrity. Hosts must ensure that the agents are free of malicious codes before permitting them to operate on the platform. This is done by signing agents’ codes, i.e., incorporating valid certificates against which the hosts check the integrity of an agent (Krugel & Toth). Agents are vulnerable to modification during its transmission (Krugel & Toth). Applying an appropriate encryption method during agent transmission can overcome the barrier.

In case of mobile agents in distributed IDS, the central management server dispatches varieties of agents to different nodes of the network. A single mobile agent may carry on multiple functionalities which incorporate large amount of codes into the agent’s structure and attribute some limitations on its mobility (Krugel & Toth). A substantial part of these codes are associated with hosts’ operating system specific functionalities (Krugel & Toth). To overcome this limitation, i.e., to keep the agents small in size, only generic codes can be incorporated into the agent’s structure and the operating system dependent codes into the hosts themselves (Krugel & Toth).

Managing Interactions and Communications between Agents

Agents need to communicate each other to maintain the operational consistency. Agents can perform distant communications through creating communication channels among them and then exchanging messages (Brahmi, Yahia, & Poncelet, 2011). Agents interact with each other using an ACL (Agent Communication Language) language (Brahmi, Yahia, & Poncelet, 2011). Information can be sent in text formats using standard and secured protocols (Brahmi, Yahia, & Poncelet, 2011). In some distributed IDS architecture, a mobile agent can directly visit to a particular host, deploy itself on that host, and then exchange required messages (Brahmi, Yahia, & Poncelet, 2011). Upon receiving the messages, the deployed agent can return to the place of its origin or visit another host as required (Brahmi, Yahia, & Poncelet, 2011).

Collecting and Correlating IDS Agent Data

Collection and Storage of Distributed Data

Data collection, aggregation, and storage are vital concerns for effective manipulation and correlation of events data (Innella, McMiIlan & Trout, 2002). Before data aggregation, organizations need to determine which types of data should be collected and preserved. Distributed IDSs place agents in different corners of the network, where agents collect representative data in a distributed manner according to the organizations’ interests (Holtz, David, & de Sousa Junior, 2011). Once collected, data is filtered and analyzed and inferred locally by the agents. Agents normally send only those data to the management sever that are meaningful. However, the responsibility of distributed IDSs or distributed agents is not only to collect network packets but also audit data traces from the associated hosts, such as logs generated by applications, operating systems, and other defensive software (Holtz, David, & de Sousa Junior, 2011). Organizations need to determine whether all these data will be sent to the management server. For security reasons, IDSs log data should be preserved both locally and centrally (Scarfone & Mell, 2007).

Another challenge of data storage is to determine how long the log data should be preserved. Day-to-day accumulated log data can quickly overrun the capacity of data storage. Organizations may need to store IDS data accumulated in as much as two years period (Innella, McMiIlan & Trout, 2002), and conveniently storing these enormous amount of log data in the centralized server of a distributed IDS is challenging (Scarfone & Mell, 2007). To overcome the barrier of data storage, a number of researchers suggested incorporating cloud based data storage in the IDS architecture for scalability, flexibility, and ease of access (Scarfone & Mell, 2007; Alharkan & Martin, 2012; Chen et al., 2013).

Data storage is not only associated with volume issues, other issues, such as storage management and the level of security applied to the data also implies a great deal of challenges. IDS data is vulnerable during transmission and during storage. To ensure authenticity and integrity of collected data, suitable cryptographic arrangements are made during transmission and storage of agent data (Holtz, David, & de Sousa Junior, 2011; Cloud Security Alliances, 2011, Catteddu & Hogben, 2009). Cryptographic arrangements in a large scale system can be managed effectively by deploying the enterprise wide Public Key Infrastructure (PKI) (Sen, 2010; Tolba et al., 2005).

Analyzing Intrusion Detection System Data

The administrators often need to carry out various analysis tasks through data fusion and events correlation in order to identify subtle attacks (Holtz, David, & de Sousa Junior, 2011). Analysis of IDS data requires appropriate manipulation of data originating from the network and hosts. Administrators need sound analysis skills in order to efficiently accomplish this goal. The fundamental unit of IDS data is event (Jordan, 2000). One way IDSs generate alarms is through context sensitive analysis by counting events and determining thresholds. For example, many connections at a certain time is recognized as a SYN flood, or too many different ports visited at a time is recognized as a port scan (Jordan, 2000). Another way to determine an intrusion is through identifying the quality of uncoupled events in terms of their passing of certain criteria, such as the pattern of a pre-recognized signature (Jordan, 2000). In a distributed IDS, the above analysis of IDS data is locally performed by the distributed agents. A more advance analysis is performed in the centralized server through event correlations.

Correlating Agent Data

While the tasks of each agent are to identify network intrusion and suspicious behavior in its associated network segment, the centralized server is responsible for correlating these individual agent data in order to identify planned and distributed attacks on the network (Yee, 2003). The centralized server aggregates agent data for event correlation. In the process of event correlation, if a network packet with inconsistent signature is identified (Jordan, 2000) or an event is recognized as suspicious, the next step is to identify the correlated events demonstrating similar patterns (Jordan, 2000). In order to accomplish this goal, IDSs will constantly search for connections between suspicious and non-suspicious events (Jordan, 2000). Network administrators may need to adopt various analysis techniques (e.g., data fusion, data correlation, etc.) and tools (e.g., honey pots) to successfully carry on the event correlation tasks (Holtz, David, & de Sousa Junior, 2011). However, in a large scale distributed network where each segment of the network poses distinct characteristics and where the hosts are running on heterogeneous environments, associating one suspicious network event with another event generated from a distant network segment is tremendously challenging (Innella, McMiIlan & Trout, 2002). It requires a broad understanding of entire network as well as the effective communication and coordination between security officials responsible for the management of various segments of the network.

Correlating Data from Multiple Intrusion Detection System Products

Correlation of different types of IDS data facilitates the identification of large scale distributed attacks in a coordinated manner (Brahmi et al., 2012; Brahmi, Yahia, & Poncelet, 2011). There are advantages and limitations of each IDS product. A single product cannot ensure the full protection from all kinds of intrusions and malicious activities. Large organizations that have multiple products (either from the same or different vendors) with different detection methods and strategies need to correlate their IDSs’ data to produce maximum benefits from them (Sallay, AlShalfan, & Fred, 2009). A single management interface (or console) can facilitate the coordination, management and control of IDS data coming from multiple IDS products (Scarfone & Mell, 2007). Organizations may need to identify whether the IDS products can directly share and coordinate various kinds of IDS data directly within their management interfaces (Scarfone & Mell, 2007). This normally occurs with different IDS products coming from the same vendor. On the other hand, organizations also need to ensure whether IDSs have interoperability features to share the log files or other output files from other IDSs and security related products (Scarfone & Mell, 2007). This type of coordination among multiple IDSs is normally accomplished by SIEM (Security Information and Event Management) software (Scarfone & Mell, 2007; Chuvakin, 2010).

References

Abraham, A., & Thomas, J. (2005). Distributed intrusion detection systems: a computational intelligence approach. Applications of information systems to homeland security and defense. USA: Idea Group Inc. Publishers, 105-135.

Alharkan, T., & Martin, P. (2012). IDS aaS: Intrusion detection systems as a service in public clouds. In Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012), 686-687. IEEE Computer Society.

Anderson, D., Frivold, T., & Valdes, A. (1995). Next-generation intrusion detection expert system (NIDES): A summary. SRI International, Computer Science Laboratory.

Araújo, J. D., & Abdelouahab, Z. (2012). Virtualization in Intrusion Detection Systems: A Study on Different Approaches for Cloud Computing Environments. International Journal of Computer Science and Network Security (IJCSNS), 12(11), 10.

Bace, R., & Mell, P. (2001). NIST special publication on intrusion detection systems. An NIST (National Institute of Standards and Technology) publication

Beg, S., Naru, U., Ashraf, M., & Mohsin, S. (2010). Feasibility of intrusion detection system with high performance computing: A survey. International Journal for Advances in Computer Science, 1(1), 26-35.

Boudaoud, K., Labiod, H., Boutaba, R., & Guessoum, Z. (2000). Network security management with intelligent agents. In Network Operations and Management Symposium, 2000. (NOMS 2000).

Brandao, J. E. M., da Silva Fraga, J., Mafra, P. M., & Obelheiro, R. R. (2006). A WS-based infrastructure for integrating intrusion detection systems in large-scale environments. In Meersman, R., Tari, Z., & Herrero, P. (2006). On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops; proceedings of the OTM Confederated International Conferences, CoopIS, DOA, GADA, and ODBASE 2006, Montpellier, France.

Brahmi, I., Yahia, S. B., Aouadi, H., & Poncelet, P. (2012). Towards a multiagent-based distributed intrusion detection system using data mining approaches.

Brahmi, I., Yahia, S. B., & Poncelet, P. (2011). A Snort-based Mobile Agent for a Distributed Intrusion Detection System. In SECRYPT, 198-207.

Brennan, M. P. (2002). Using Snort for a Distributed Intrusion Detection System. SANS Institute.

Bye, R., Camtepe, S. A., & Albayrak, S. (2010). Collaborative Intrusion Detection Framework: Characteristics, Adversarial Opportunities and Countermeasures.

Catteddu, D., & Hogben, G. (2009). Cloud Computing: benefits, risks and recommendations for information security. European Network and Information Security Agency (ENISA).

Chuvakin, A. (2010). SIEM: Moving Beyond Compliance – Intrusion Detection Systems. White Paper for RSA.

Chen, Z., Han, F., Cao, J., Jiang, X., & Chen, S. (2013). Cloud computing-based forensic analysis for collaborative network security management system. Tsinghua Science and Technology, 18(1), 40-50.

Chatzigiannakis, V., Androulidakis, G., Grammatikou, M., & Maglaris, B. (2004). A distributed intrusion detection prototype using security agents. HP OpenView University Association.

Cloud Security Alliances (2011). Security guidance for critical areas of focus in cloud computing v3.0. A report by Cloud Security Alliance.

Debar, H., Dacier, M., & Wespi, A. (1999). Towards a taxonomy of intrusion-detection systems. Computer Networks, 31(8), 805-822.

Debar, H., & Wespi, A. (2001). Aggregation and correlation of intrusion-detection alerts. In Recent Advances in Intrusion Detection, 85-103. Springer Berlin Heidelberg.

Faysel, M. A., & Haque, S. S. (2010). Towards cyber defense: research in intrusion detection and intrusion prevention systems. International Journal of Computer Science and Network Security (IJCSNS), 10(7), 316-325.

Garfinkel, T., & Rosenblum, M. (2003). A Virtual Machine Introspection Based Architecture for Intrusion Detection. In NDSS, 3, 191-206.

Ghosh, A., & Sen, S. (2004). Agent-based distributed intrusion alert system, 240-251.In Proceedings of the Sixth International Workshop on Distributed Computing (IWDC’04), 240–251, Kolkata, India.

Gunawan, L. A., Vogel, M., Kraemer, F. A., Schmerl, S., Slåtten, V., Herrmann, P., & König, H. (2011). Modeling a distributed intrusion detection system using collaborative building blocks. ACM SIGSOFT Software Engineering Notes, 36(1), 1-8.

Hegarty, R., Merabti, M., Shi, Q., & Askwith, B. (2009). Forensic analysis of distributed data in a service oriented computing platform. In proceedings of the 10th Annual Postgraduate Symposium on The Convergence of Telecommunications, Networking & Broadcasting, PG Net.

Holtz, M. D., David, B. M., & de Sousa Junior, R. T. (2011). Building Scalable Distributed Intrusion Detection Systems Based on the MapReduce Framework. Revista Telecomunication, 2, 22-31.

Iheagwara, C. (2003). Intrusion Detection Systems–Strategies for improving Performance.

Innella, P., McMiIlan, O., & Trout, D. (2002). Managing Intrusion Detection Systems in Large Organizations.

Jordan, C. (2000). Analyzing Intrusion Detection Systems Data.

Kannadiga, P., & Zulkernine, M. (2005). DIDMA: A distributed intrusion detection system using mobile agents. In Proceedings of the Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Networks (SNPD/SAWN’05), 238-245.

Kittel, T. (2010). Design and Implementation of a Virtual Machine Introspection based Intrusion Detection System.

Kourai, K., & Chiba, S. (2005). HyperSpector: virtual distributed monitoring environments for secure intrusion detection. In Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments, 197-207.

Kozushko, H. (2003). Intrusion detection: Host-based and network-based intrusion detection systems. Independent study.

Krugel, C., & Toth, T. Applying Mobile Agent Technology to Intrusion Detection.

Lasheng, Y., & Chantal, M. (2009). Agent based distributed intrusion detection system (ABD Intrusion Detection Systems). In Proceedings of the Second Symposium International Computer Science and Computational Technology (ISCSCT ’09), 134-138, Huangshan, P. R. China.

Maciá-Pérez, F., Mora-Gimeno, F., Marcos-Jorquera, D., Gil-Martínez-Abarca, J. A.,

Ramos-Morillo, H., & Lorenzo-Fonseca, I. (2011). Network intrusion detection system embedded on a smart sensor. Industrial Electronics, 58(3), 722-732.

McHugh, J., Christie, A., & Allen, J. (2000). The role of intrusion detection systems. IEEE Software, 17(5), 42-51.

Mell, P., Karygiannis, T., Marks, D., & Jansen, W. (1999). Applying mobile agents to intrusion detection and respons. A publication of National Institute of Standards and Technology (NIST), US Department of Commerce.

Neelima, S., Prasanna, L.Y. (2013). A Review on Distributed Cloud Intrusion Detection System. International Journal of Advanced Technology & Engineering Research (IJATER), 3(1), 116-120.

Rao, K. R., Pal, A., & Patra, M. R. (2009). A service oriented architectural design for building intrusion detection systems. International Journal of Recent Trends in Engineering and Technology, 1(2), 11-14.

Sallay, H., AlShalfan, K. A., & Fred, O. B. (2009). A scalable distributed Intrusion Detection Systems Architecture for High speed Networks. International Journal of Computer Science and Network Security (IJCSNS), 9(8).

Scarfone, K., & Mell, P. (2007). Guide to intrusion detection and prevention systems (IDPS). NIST special publication, Technology Administration, U.S. Department of Commerce.

Sen, J. (2010). An Agent-Based Intrusion Detection System for Local Area Networks. International Journal of Communication Networks and Information Security (IJCNIS), 2(2), 128-140.

Singh, R. R., Gupta, N., & Kumar, S. (2011). To reduce the false alarm in intrusion detection system using self-organizing map. International Journal of Soft Computing and Engineering (IJSCE), 1(2), 27-32.

Sterne, D., Balasubramanyam, P., Carman, D., Wilson, B., Talpade, R., Ko, C. & Bowen, T. (2005). General cooperative intrusion detection architecture for MANETs. In Proceedings of the Third IEEE International Workshop on Information Assurance, 57-70.

Sundaram, A. (1996). An introduction to intrusion detection. Crossroads, 2(4), 3-7.

Suryawanshi, G. R., Jondhale, S. D., Korde, S. K., Ghorpade , P. P., Bendre, M. R. (n. d.). Mobile Agent for Distributed Intrusion Detection Systems in Distributed System. International Journal of Computer Technology and Electronics Engineering (IJCTEE), 1(3), 70-75.

Tierney, B., Crowley, B., Gunter, D., Lee, J., & Thompson, M. (2001). A monitoring sensor management system for grid environments. Cluster Computing, 4(1), 19-28.

Tolba, M., Abdel-Wahab, M., Taha, I., & Al-Shishtawy, A. (2005). Distributed Intrusion Detection Systems for Computational Grids. In International Conference on Intelligent Computing and Information Systems, 2.

Werlinger, R., Hawkey, K., Muldner, K., Jaferian, P., & Beznosov, K. (2008). The challenges of using an intrusion detection system: is it worth the effort?. In Proceedings of the 4th symposium on Usable privacy and security, (SOUPS), July 23-25, Pittsburgh, PA, USA.

Wotring, B. (2010). Host Integrity Monitoring: Best Practices for Deployment.

Yee, A. (2003). The intelligent Intrusion Detection Systems: next generation network Intrusion Detection Systems management revealed. NFR security white paper.

Zhai, S., Hu, C., & Weiming, Z. (2014). Multi-Agent Distributed Intrusion Detection Systems Model Based on BP Neural Network. International Journal of Security and Its Applications, 8 (2), 183-192.

View Computing Dissertations Here

Economic Wealth

How Strong is the connection between Democracy and Economic Wealth

The last two decades witnessed the collapse of communism both as an ideology and political system leading to the triumph of liberal democracy across the world.   This process has exerted profound influence on redefining the architecture of the global economic and political system (Huntington 1991). As a result, the economic and political landscape of the contemporary world is characterized by democratic revivalism and formation of new states based on democratic ideals. This process has indeed deconstructed the prevailing notions of democracy and economic wealth. Traditionally, it has been argued by political and economic theorist that democracy will thrive only in a society, which enjoys a particular level of economic wealth and prosperity. However, emergence of new democratic nation states in Asia, Latin America and Africa soon after the fall of colonialism and the recent resurgence of democracy in Eastern Europe after the collapse communism inspired some scholars to perceive that economic wealth is not a pre-requisite for democracy.  The newly democratic countries remained economically poor and still continue the path of democracy without higher economic growth and wealth. At the same time, there are authoritarian regimes in Middle East and South Asia that reflect high level of economic wealth even without democratic system.  There are countries like the USA and UK which present the beautiful blend of economic wealth and democracy.  Due to this paradoxical situation across the globe, economics theorists and scholars often find it difficult to reach a consensus regarding the relationship between democracy and economic wealth.

 Given the scenario, this paper is a modest attempt to explore the relationship between democracy and economic wealth. The paper examines various theories and approaches that analyze the relationship between democracy and economic wealth and tries to explore how strong the connection is.  The paper also examines the theories in the context of the contemporary economic and political order. Concluding section provides critical analysis of these approaches and highlights the need for a realistic and contextual perspective towards the relationship between economic wealth and democracy.

Democracy and Economic Wealth: Major Theories

 Democracy, according to Schumpeter (1942) is ‘the institutional arrangement for arriving at political decisions in which individuals acquire the power to decide by means of a competitive struggle for the people’s vote’. Thus democracy implies a political system in which power derives its strength from the people. Robert Dahl (1971) provides seven fundamental attributes to democracy including:

  • Control over governmental decisions about policy constitutionally vested in elected officials
  • Relatively frequent, fair and free elections
  • Universal adult suffrage
  • The right to run for public office
  • Freedom of expression
  • Access to alternative sources of information that are not monopolized by either the government or any other single group
  • Freedom of association (i.e. the right to form and join autonomous associations such as political parties, interest groups, etc).

Ever since the inception of democracy, its relationship with economic growth has been a serious issue of debate.  Broadly speaking, there are three fundamental theories on the relationship between democracy and economic wealth. First of all, there is a prominent school of thought that highlights the positive correlation between democracy and economic growth. Secondly, there is an equally important view that negates this theory and emphasizes that democracy is not a pre-requisite for economic growth and often the relationship is negative in the case of many countries. Apart from these contrasting schools, there is another perspective that considers the relationship between democracy and economic wealth as sceptical. They argue that the relationship is neither positive nor negative and is largely depends on other factors as well. These contrasting yet very important arguments are examined below.

Martin Lipset (1969) is regarded as the pioneer of the approach that highlights a strong correlation between economic wealth and democracy.  This perspective became popular during 1960’s and 1970’s. According to Lipset democracy will emerge and flourish only in affluent societies that are endowed with a high level of economic development and wealth. He further pointed out that economic wealth is an initial condition for democracy.  Lipset stated, ‘the more well-to-do a nation, the greater the chances that it will sustain democracy. Only in a wealthy society in which relatively few citizens lived in real poverty could a situation exist in which the mass of the population could intelligently participate in politics and could develop the self-restraint necessary to avoid succumbing to the appeals of irresponsible demagogues’.

After the seminal theory of Lipset, there emerged many academic studies that empirically investigated the positive relationship between democracy and economic wealth. The proponents of this theory also held the view that democracy lead to greater economic prosperity. After Lipset, the most influential theory on the positive correlation between democracy and economic growth was presented by Adam Przeworski, Michael Alvarez, José Antonio Cheibub, and Fernando Limongi.  On the basis of the empirical study conducted in 141 countries for the period 1950 to 1960, Przeworski reaffirmed the theory of Lipset and concluded that economically developed countries have more chances to sustain democracy. Also the theory pointed out that democracy can better promote economic wealth than authoritarian regimes.

Supporters of this positive correlation view argue that democracy provides a free and transparent political culture and equal allocation of resources among the people. This motivates citizens to invest and maximize benefit of the free market that ultimately lead to economic prosperity of the country. Democracy put restrictions on the power of the government, checks unnecessary expenditure and prevents unresponsive policies that affect economic wellbeing of the people. The theory further states that optimum utilization of resources will be possible only in a democracy that is accountable and transparent. Hence, democracy can best serve as a promoter of economic growth. Therefore these theorists highlight the strong positive co-relation between democracy and economic wealth.  The successful and prosperous economies of the USA, UK and other developed countries of West Europe were considered as the models to substantiate the theory of positive co-relation between democracy and economic wealth. The wealthiest nations of the world are generally matured democracies. On the other hand world’s poorest nation states are autocratic regimes. Sudan, Burma North Korea and Congo are examples.  Even though China shows an impressive growth rate after the globalization process, China’s GDP per capita is still $1000 making it one of the poor nations of the world (Sharma, 2012).

Nevertheless, this was questioned by many scholars who strongly criticized the positive relationship between these two concepts.  Samuel P. Huntington (1968) and others were of the opinion that democracy has weak and unstable institutions that hinders investment and economic growth. Moreover, democratic countries tend to make vulnerable policies and decisions in order to attract popular support whereas authoritarian regimes are able to make strong policies to initiate economic growth.  Economic growth needs hard policy framework that can check growth retarding business environment and factors.  Such an iron hand is not possible within a democratic structure that focuses more on sentiments of the electorate than policy priorities. Thus democracy cannot play a catalytic role in wealth creation unless there is concrete effort from the government.  Galenson (1959), Andreski (1968), Huntington and Dominguez (1975), Rao (1984-5), and Haggard (1990) etc popularized this view further.  There are empirical evidence to show this negative correlation between democracy and economic wealth.

Singapore is a classic example to show the inverse relationship between democracy and economic wealth.  When other countries in Asia heralded a democratic path following British colonialism, Singapore selected a unique single party authoritarian system that provided rich dividend to the country. When other Asian countries faced a chequered history of economic under development, political instability and social unrest, Singapore attempted a brave step towards liberalization, international trade and capitalistic growth strategy which ultimately made the country a ‘brand’ among other countries. Now Singapore serves as a regional headquarters for more than 3000 multinational companies and has world class financial and service sectors and above all a highly efficient physical infrastructure. The country consistently ranks high among ‘most attractive countries for international business’ and has achieved a per capita GDP level comparable to levels of developed western nations. According to the World Economic Forum’s Global Competitiveness Report 2006-2007, Singapore edged out Japan, Hong Kong and Taiwan to be the most competitive Asian country, while coming in fifth in world rankings. The world’s highest PC penetration among households, the well-networked broadband systems and the high-tech transport system- all symbolize Singapore’s economic achievements (Menon, 2008). All these achievements were made without a democratic government.  Other East Asian countries like South Korea, Taiwan and Hong Kong also achieved high growth rate without democratic government (Dominguez (2005).  China is another classical example to show that the relationship between democracy and economic growth is not as strong as envisaged.  Within the boundaries of the totalitarian communist rule that hardly allow democratic space to community, China is able to leverage investment, economic growth and overall development (Dominguez 2005).  At the same time, democratic countries in Asia and Africa including India, Ghana, Costa Rica, Nepal and Hungary still struggle to sustain an impressive economic growth and corruption free administration.

Economic Wealth
Economic Wealth

The positive co-relation between democracy and economic wealth is not yet visible in these countries (Dominguez (2005). Also, the emergence of democracy in these countries cannot be related to mature economic development as stated by Lipset.  After the fall of communism, there was democratic resurgence in East Europe even though these countries were not economically affluent.  Hence, there is no direct correlation between democracy and economic wealth.  More specifically, democracy can thrive even without economic wealth and at the same time, economic growth can be achieved without democratic system. This theory perhaps argues that economic wealth is better achievable under authoritarian regime than democracy. Apart from East Asian countries, there are countries of Middle East including Saudi Arabia, Kuwait, Bahrain that reflect consistent economic growth but extremely authoritarian monarchic form of government (Dominguez (2005).  Thus the theory highlights the strong negative relationship between democracy and economic wealth.

Another study conducted by Freedom House shows that ‘during 1991 and 2005, the countries that were economically free but politically repressed grew at 6.28% annually. Comparatively, the countries that were both economically and politically free grew at 2.62%. In other words, dictatorial regimes make better economic decisions for citizens than democratic ones’ (Sharma, 2012).

The third view on the debate argues that there is no consistent relationship between democracy and economic growth as assumed by scholars. Moreover, they assume that institutional structure and approach to governance are more important than the type of regimes per se. Wealth creation and prosperity are possible in both democracy and autocracy if there are proactive policies, good governance, corruption free administration and better management of economy.  As stated by Bardhan (1993) ‘A sound leadership that will resolve collective action problems and be responsive to rapidly changing technical and market conditions is more essential for growth’.  This view was supported by Bhagavati( 1995) as well. According to him, market will bring economic wealth both under authoritarianism and democracy. Nevertheless, the institutional structure should be able to make the’ right policy’ decision without compromise.  Hence, this theory confirms that there is no correlation between democracy and economic wealth and the determining factor is the nature and content of the policy.

 Hristos Doucouliagos and Mehmet Ulubasoglu(2005) studied the connection between democracy and economic growth in 70 selected countries through meta-analysis. They have derived the following conclusions:

  • There is no accumulated evidence to show that democracy is detrimental to economic growth. The findings of the data combined clearly points to a zero direct effect on economic growth.
  • Though there is no direct effect of democracy on economic growth, it has many significant indirect effects on wealth through various channels including human capital formation, economic freedom, transparency etc. Nevertheless, democracy leads to higher government expenditure and restricted international trade.
  • Though the direct co-relation between democracy and economic wealth is not to be validated globally, there still exists strong regional variation on the larger impact of democracy on economic growth. The study shows that democracy has a direct impact on economic growth in Latin America where as the relationship is very low in Asia.
  • Though the study could not establish the direct impact of democracy on economic wealth, there is positive co-relation between economic freedom and wealth creation.

There are other scholars who studied the indirect but important relationship between democracy and economic wealth.  In his paper, Democracy, Governance, and Economic Performance: Theory and Evidence, Yi Feng (2003) established that democracy indeed can make a positive effect on economic wealth and development at least indirectly.  The indirect effects implies policy certainty, political stability, the establishment and enforcement of rules that protect property rights, the promotion of education, the ability to promote private capital, and the reduction of inequality.  All these indirect indicators engender increase in investment and thus pave the way for enhanced economic growth.

In a similar study, Gerring (2005) also perceive that the connection between democracy and economic wealth is relevant, though it is indirect.  According to them, democracy creates four types of capital- human capital, social capital, political capital and physical capital – in a country. Economic growth can be achieved through the effective utilization of these channels.

Kurzman (2003) conducted a study on the relationship between democracy and economic growth using time series analysis and came out with varying findings as mentioned under:

  • Democracy has a significant impact on investment and this will have positive effect on economic growth. Free market economy and economic reforms coupled with transparency would eventually lead to more investment contributing towards economic growth.
  • Democracy increases government expenditure and this will have a negative impact on economic growth.
  • Social unrest and mass movements are intense in democracies. This is negatively co related to economic growth.

He thus concludes that democratic relationship with economic growth is always complex and greatly depends on the domestic situation, political culture, quality of regime and pace of market reforms.

Critical Analysis

While analyzing the diverse arguments on democracy and economic wealth, we can assume that there is no generalized pattern of relationship. The strength of the relationship depends on other related factors like quality of democracy, historical legacy, committed leadership, lack of corruption etc. If these pre-condition are achieved, democracy will definitely lead to economic wealth. At the same time autocratic government may lead to economic wealth but it will not be sustainable unless the government follows less repressive policies. When we examine the case of developed countries like the USA, Britain, France and Germany it is evident that democracy and economic growth exhibits a strong positive relationship in countries that have attained economic growth prior to democratization.  The countries like India, Ghana and Pakistan selected democratic path even before attaining significant level of economic wealth. Hence, the approach that believes that ‘democracy will automatically follow economic wealth’ will not be sustainable whereas the theory that ‘economic growth will follow democracy’ may be more realistic.

Conclusion

Even though empirical studies conducted across the world proved the negative co-relation or zero- effect factor in democracy- wealth paradigm, it is a fact that authoritarian regimes have very low human development indicators unlike democratic countries. In the Middle East and China, economic wealth does not provide corresponding improvement in health, education and other social indicators. Economic growth impacts on human development through different channels like increase in per capita income, poverty reduction and higher public expenditure in education, health and related sectors. However, while analyzing the success story of non-democratic countries with high economic growth, it is clear that, the desire for appropriate policies to reduce income inequalities and to allocate proportionately to the social sectors is sometimes lacking in these countries. Thus, the important question here is the utility of ‘wealth’ if it is not utilized effectively for the benefit of the people. The record of democratic countries is far better in this case. Amartya Sen (1999) expanded this aspect and focused on enhancing capabilities of the individual than increasing economic wealth. Authoritarian regimes may be good for creating wealth but the proliferation of wealth and equal distribution of resources requires a responsive government. In this context democracy has proved better result than autocratic systems.

Democracy and economic wealth indeed have a strong relationship even though the connection is not always positive. Democracy may lead to both positive and negative effect on economic wealth and prosperity. The real ‘connection’ largely relies on the institutional framework of democracy and its rational decision to initiate bold policies of economic development.  Therefore, we can conclude that democracy is not a magic lamp that automatically provides economic wealth. Thus, the future prospects of democracy as a form of governance will depend on the effectiveness and capability to channelize these high spirit and vibrancy of democratic institutions for harnessing a growth strategy based on economic freedom, transparency, participation and accountability.

References

Almond G. A. and Verba, S. (1963) The Civic Culture: Political Attitudes and Democracy in Five Nations. Princeton, NJ: Princeton University Press.

Andreski, S. (1968)  Military Organization and Society. Palo Alto: Stanford University Press.

Bardhan, P. (1993 ‘Democracy and Development: A Complex Relationship’. Berkeley, CA: University of California, Berkeley.

Bhagwati, J. (1995) Democracy and Development: new thinking on an old question. Indian Economic Review

Dahl, R. A. (1971) Polyarchy: Participation and Opposition. New Haven, CT: Yale University Press

Doucouliagos, C.(H.), (2005). Publication Bias in the Economic Freedom and Economic Growth Literature. Journal of Economic Surveys 19, 367-89.

Feng, Y. (2003) Democracy, Governance, and Economic Performance: Theory and Evidence. Cambridge, MA: The MIT Press

Galenson, W. (1959). Labor and Economic Development. New York: Wiley

Gerring, J and Rodrigo Alfaro. (2005) “Democracy and Human Development” (Paper presented at the annual meeting of the American Political Science Association, Washington, D.C., September.

Haggard, S. (1990) Pathways from the Periphery: The Politics of Growth in the Newly Industrializing Countries, Ithaca, New York: Cornell University Press

Huntington, S. (1968) Political Order in Changing Societies. New Haven, CT: Yale University Press.

Huntington, S. (1991) The Third Wave: Democratization in the Late Twentieth Century. Norman, OK: University of Oklahoma Press

Kurzman, C., R. Werum and R. E. Burkhart.(2003) Democracy’s Effect on Economic Growth: A Pooled Time-Series Analysis: 1951-1980, Studies in International Comparative Development.

Lipset, S. M. (1959) ‘Some Social Requisites of Democracy, Economic Development and Political Legitimacy’. American Political Science Review 53(1):69-105.

Lipset, S. M. (1994) ”The Social Requisites of Democracy Revisited” American Sociological Review, vol. 59 (1): 1-22

Menon, S. (2008) Singapore Economy: The way Ahead, IUP Press, India.

Przeworski, A., M.E. Alvarez, J.A. Cheibub, and F. Limongi (2000) Democracy and  Development: Political Institutions and Well-being in the World 1950-1990. Cambridge: Cambridge University Press.

Rao,V.(1984). Democracy and Economic Development. Studies in Comparative International Development, 39, 67-81.

Raudenbush, S. W. 1994. Random

Schumpeter, J. (1942) Capitalism, Socialism and Democracy. London: Harper Perennial

Sen, A. (1999b) Development as Freedom. Oxford: Oxford University Press

Sharma, Dhiraj. (2012) Democracy correlated with Economic Growth?  The Economic Times, February, 28.

Click Here To View Economics Dissertations

Advertising Essays Benefits

The Benefits of Buying Advertising Essays

Advertising

Benefits of Buying Advertising Essays – Advertising is all about face value in a business. Anyone studying marketing knows that advertising is more about brands and what you present to your customers and how you present the products according to their requirements and needs. Advertising has grown into a full blown industry that has become more than guesswork and instinct. With the world turning into a global village in the past two decades and with the world of advertising getting attention around the globe, you’re not just competing against local competitors, you’re competing against the world market.

Changing Trends in Advertising

Advertising has become more about facts and figures as the competition has peaked. There are so many products out there that the customers can easily compare and buy the products that they need at better prices. The one thing that the other product company did better than you was to market their product better. How? You think you did everything that you could to sell your product in an effective way but if you pay attention, you will notice that it has been mentioned that the customer would compare the product and he/she will chose the product that fits his/her needs better. Advertising companies make an effort to know what the customers need and at what price to market their product in such a way that the customers felt like that the product was made for their use. It might seem like an easy thing to do but it is not. The customers’ choice change so rapidly and advertising companies don’t usually have time to conduct extensive studies and keep up with the market trends at the same time.

Advertising Essays
Advertising Essays

Concept of Advertising Essays

There are professionals however, that have ample time to do both of these things in a given period of time. They not only research and record the trends in market but they also find out the preferences and the choices of the customers. And we get their work in form of advertising essays.

Advertising Essays

Advertising essays are a detailed study of different aspects of advertising including consumer behaviour, trends in advertising, trends of earnings by other companies, trends of loss and profit in different advertising agencies, advertising strategies and other topics. These essays are written by professionals and expert analysts who observe the trends in market and do extensive research on the topic. Our advertising essays are easily available for university students and span most elements of marketing.

Benefits of Buying Advertising Essays

  • Any business could benefit from buying these essays for contemplating their market strategies. Advertising essays are written from an advertising point of view completely.
  • The facts and figures that are included in the essays are completely based on the research and survey done on the trends and the consumer behaviour.
  • They are a reliable predictor of the present and the future trends in advertising.
  • Businesses can buy these essays easily from their authors and use the knowledge in the essays to help improve on their own advertising strategy.
  • Advertising essays for local industry and international markets help the businesses and companies get a better idea about their competition and make their product better.

Advertising essays are usually considered and discarded as literature. People mostly believe in theoretical and practical approaches but it is an established fact that calculated risks are better than impulsive risks. Advertising essays are tools in your arsenal that could help you get a hold of the local and international market and move ahead with your advertising strategy.

Advertising Essays | Advertising Dissertations