November 23, 2009
Hot topics :

intrusion detection system

Last modified: Friday, December 13, 2002 

An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.

There are several ways to categorize an IDS:

  • misuse detection vs. anomaly detection: in misuse detection, the IDS analyzes the information it gathers and compares it to large databases of attack signatures. Essentially, the IDS looks for a specific attack that has already been documented. Like a virus detection system, misuse detection software is only as good as the database of attack signatures that it uses to compare packets against. In anomaly detection, the system administrator defines the baseline, or normal, state of the network’s traffic load, breakdown, protocol, and typical packet size. The anomaly detector monitors network segments to compare their state to the normal baseline and look for anomalies.
  • network-based vs. host-based systems: in a network-based system, or NIDS, the individual packets flowing through a network are analyzed. The NIDS can detect malicious packets that are designed to be overlooked by a firewall’s simplistic filtering rules. In a host-based system, the IDS examines at the activity on each individual computer or host.
  • passive system vs. reactive system: in a passive system, the IDS detects a potential security breach, logs the information and signals an alert. In a reactive system, the IDS responds to the suspicious activity by logging off a user or by reprogramming the firewall to block network traffic from the suspected malicious source.

Though they both relate to network security, an IDS differs from a firewall in that a firewall looks out for intrusions in order to stop them from happening. The firewall limits the access between networks in order to prevent intrusion and does not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within a system.

  Related Links

eSecurity Planet 
A resource for daily information on e-security targeted to IT managers. The site provides users with information from a variety of sources, including experts at security product and services firms, and the consultants who follow the security industry.

An Overview of Intrusion Detection Systems
A white paper from Xinetica Ltd.

Deploying an Effective Intrusion Detection System
Not surprisingly, as the Internet grows at a mind-boggling pace, so does the incidence of documented unlawful attacks on corporate resources.

Intrusion Detection FAQs
From the SANS Institute.

Intrusion Detection, Theory and Practice
This article gives an overview of several types of intrusion detection systems, and introduces the reader to some of the concepts and practices involved in intrusion detection.

SecurityTracker.com
Information on the latest security vulnerabilities, free SecurityTracker Alerts, and customized vulnerability notification services.

Security Wars: Can Intrusion Detection Even the Score?
Are IDS capabilities keeping up with intrusion attacks?
Related Categories

Security

Software
Related Terms

access

CERT/CC

crack

cracker

defacement

DoS attack

geek

honeypot

IP spoofing

phreaking

port scanning

programmer

quarantine

sniffer
Shopping
intrusion detection system Products
Compare Products,Prices and Stores

Shop by Category:
Other Network Devices
6 Model Matches

Servers
124 Model Matches

Firewalls
22 Model Matches

Motherboards
168 Model Matches

Software
0 Store Offers
Security Solutions





internet.commediabistro.comJusttechjobs.comGraphics.com

Search:

WebMediaBrands Corporate Info

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

Solutions

Whitepapers and eBooks

Microsoft Articles: Visual Studio 2010
Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications
Microsoft Whitepaper: How Windows Server 2008 R2 Helps Optimize IT and Save You Money
Adobe Article: Java Developers Finding a Home at Adobe Flex
IBM Articles: A Smarter Business Needs Smarter Technology
Intel Xeon Processor Increases Server Efficiency and Capabilities
Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise
Oracle Whitepapers - Innovation for IT Leaders
Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT
 Internet.com eBook: IT Manager's Guide to Social Networking
Internet.com eBook: Get Ready for Windows 7
Microsoft Article: Expression Web 3--New Features for PHP Developers
Whitepapers: Manage Your Business Infrastracture with IBM
Whitepaper: Maximize Your Storage Investment with HP
Internet.com eBook: Becoming a Better Project Manager
Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Webcast: Connecting PHP to Microsoft Technologies
Video: Microsoft Partner Program Benefits
Video: Windows Azure Debugging Tips
SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports
 IBM Webcast: Speed Business Innovation with Reduced Cost and Risk
Video: Deploy Applications on Windows Azure
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Download: Microsoft Visual Studio 2010 Beta 2
Downloads & Free Trials: Microsoft's New Efficiency Resource Center
Get the Windows 7 SDK
 Free Trial: Red Gate SQL Backup Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products
All About Botnets
 MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES