Abstract
Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify intrusions. An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Based on the sources of the audit information used by each Intrusion Detection System (IDS), the IDSs may be classified into: · Host-based IDS: Get audit data from host audit trails. Detect attacks against a single host · Distributed IDS: Gather audit data from multiple hosts and possibly the network that connects the hosts. Detect attacks involving multiple hosts · Network-Based IDS: Use network traffic as the audit data source, relieving the burden on the hosts that usually provide normal computing services. Detect attacks from network.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.