The IT Law Wiki

Intrusion detection system


Definitions

An intrusion detection system (IDS) is

[a] software application that can be implemented on host operating systems or as network devices to monitor activity that is associated with intrusions or insider misuse, or both.[1]
[a] security service that monitors and analyzes network or system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner.[2]

Overview

Intrusion detection systems detect inappropriate, incorrect, or anomalous activity on a network or computer system. Intrusion prevention systems build on intrusion detection systems to detect attacks on a network and take action to prevent them from being successful. Security event correlation tools monitor and document actions on network devices and analyze the actions to determine if an attack is ongoing or has occurred.[3]

An IDS collects information on a network, analyzes the information on the basis of a preconfigured rule set, and then responds to the analysis. An IDS ensures that unusual activity, such as new open ports, unusual traffic patterns, or changes to critical operating system files, is brought to the attention of the appropriate security personnel.
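The collect, analyze and respond cycle described above, sketched as an added Python example that is not part of the original article. The rule values, file paths, port numbers, traffic figures and function names are all constructed for illustration.

```python
import hashlib

# Preconfigured rule set (constructed values, not taken from any real product).
RULES = {
    "critical_files": ["/etc/passwd", "/etc/ssh/sshd_config"],
    "max_conn_per_min": 200,
}

def digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()

def snapshot(ports, files, conn_per_min):
    """Collect step: record listening ports, file digests and traffic rate."""
    return {
        "ports": set(ports),
        "files": {path: digest(data) for path, data in files.items()},
        "conn_per_min": conn_per_min,
    }

def analyze(baseline, current, rules=RULES):
    """Analyze step: compare the current snapshot with the known-good baseline."""
    alerts = []
    for port in sorted(current["ports"] - baseline["ports"]):
        alerts.append(("new_open_port", str(port)))
    for path in rules["critical_files"]:
        # A missing file yields None, which also differs from the baseline digest.
        if current["files"].get(path) != baseline["files"].get(path):
            alerts.append(("critical_file_changed", path))
    if current["conn_per_min"] > rules["max_conn_per_min"]:
        alerts.append(("unusual_traffic", str(current["conn_per_min"])))
    return alerts

def respond(alerts):
    """Respond step: one notification line per alert for security personnel."""
    return [f"ALERT {kind}: {detail}" for kind, detail in alerts]

# Constructed sample data: a known-good baseline and a later observation.
GOOD_FILES = {"/etc/passwd": b"root:x:0:0\n",
              "/etc/ssh/sshd_config": b"PermitRootLogin no\n"}
BAD_FILES = dict(GOOD_FILES, **{"/etc/ssh/sshd_config": b"PermitRootLogin yes\n"})
BASELINE = snapshot([22, 443], GOOD_FILES, 40)
OBSERVED = snapshot([22, 443, 4444], BAD_FILES, 350)

if __name__ == "__main__":
    for line in respond(analyze(BASELINE, OBSERVED)):
        print(line)
```
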

The implementation of an IDS might be valuable for the following reasons:

Types of intrusion detection systems

There are three common types of IDS, classified by the source of information they use to detect intrusions: network-based, host-based, and application-based.

An additional type of IDS is a

References

  1. NIST Special Publication 800-47, at D-2.
  2. NIST Special Publication 800-82, at B-4.
  3. Cybercrime: Public and Private Entities Face Challenges in Addressing Cyber Threats, at 22 n.20.
