Host Intrusion Detection System

Intrusion detection is an important piece of security in that it acts as a detective control. An intrusion detection system (IDS) is a specialized device that can read and interpret the contents of log files from sensors placed on the network as well as monitor traffic in the network and compare activity patterns against a database of known attack signatures. Upon detection of a suspected attack, the IDS can issue alarms or alerts and take a variety of automatic actions to terminate the attack.
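The signature-matching step described above can be sketched in a few lines. This is an added example, not code from the book: the signature names, thresholds, log format and sample lines are all constructed for illustration, and it shows only the matching and alerting side, not any automatic response.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed signature database: name -> (pattern, hits required, time window).
# The named group "key" is what hits are counted against (source address or user).
SIGNATURES = {
    "ssh-failed-login-burst": (
        re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (?P<key>\S+)"),
        3, timedelta(seconds=60)),
    "sudo-not-in-sudoers": (
        re.compile(r"sudo:\s+(?P<key>\S+) : user NOT in sudoers"),
        1, timedelta(0)),
}

# Constructed sample log (documentation-range addresses), not captured from a real host.
SAMPLE_LOG = """\
2024-05-01T10:00:01 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2024-05-01T10:00:09 web01 sshd[811]: Failed password for admin from 203.0.113.7 port 40113 ssh2
2024-05-01T10:00:15 web01 sshd[812]: Accepted publickey for deploy from 198.51.100.20 port 51000 ssh2
2024-05-01T10:00:21 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40114 ssh2
2024-05-01T10:05:00 web01 sshd[813]: Failed password for bob from 198.51.100.20 port 51001 ssh2
2024-05-01T10:06:30 web01 sudo: mallory : user NOT in sudoers ; TTY=pts/1 ; COMMAND=/bin/cat /etc/shadow
"""

def scan(lines, signatures=SIGNATURES):
    """Return (signature, key, time) alerts for activity matching a signature."""
    recent = defaultdict(deque)   # (signature, key) -> hit times still inside the window
    alerts = []
    for line in lines:
        stamp, _, message = line.partition(" ")
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue              # skip lines without a parseable timestamp
        for name, (pattern, threshold, window) in signatures.items():
            match = pattern.search(message)
            if not match:
                continue
            hits = recent[(name, match["key"])]
            hits.append(when)
            while when - hits[0] > window:
                hits.popleft()    # forget hits older than the window
            if len(hits) >= threshold:
                alerts.append((name, match["key"], when))
                hits.clear()      # re-arm: one burst raises one alert
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG.splitlines()):
        print("ALERT", *alert)
```

The single failed login from 198.51.100.20 does not alert because it never reaches the three-hit threshold, which is the difference between matching an activity pattern and matching a single line.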

There are two types of IDSs that can be used to secure a network: host-based IDS (HIDS) and network-based IDS (NIDS). The two types are further broken down into signature-based and behavior-based IDSs. A behavior-based ...
