Intrusion detection system
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any detected activity or violation is typically reported to an administrator or collected centrally by a security information and event management (SIEM) system.
Types of Intrusion Detection Systems
There are several ways to categorize IDS depending on the context.
Network Intrusion Detection Systems (NIDS)
A network intrusion detection system (NIDS) is placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. It analyzes the traffic passing on the entire subnet and matches it against a library of known attacks.
Host Intrusion Detection Systems (HIDS)
Host Intrusion Detection Systems (HIDS) run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator if suspicious activity is detected.
Signature-based IDS
Signature-based IDS will monitor packets in the network and compare them against a database of signatures or attributes from known malicious threats. This is similar to the way most antivirus software detects malware.
Anomaly-based IDS
Anomaly-based IDS will monitor network traffic and compare it against an established baseline. The baseline will identify what is "normal" for that network—what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other—and alert the administrator when traffic is detected which is anomalous, or significantly different, from the baseline.
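The signature-based and anomaly-based approaches described above, side by side, as an added example that is not part of the original article. The flow-record fields, the two signature patterns, the addresses and the three-standard-deviation threshold are all constructed assumptions for illustration.

```python
from statistics import mean, pstdev

# Constructed signature database (illustrative patterns, not a real rule set).
SIGNATURES = {
    "path-traversal": b"../../etc/passwd",
    "sqli-tautology": b"' OR '1'='1",
}

def signature_alerts(flow):
    """Signature-based: names of known patterns found in the payload."""
    return [n for n, pat in SIGNATURES.items() if pat in flow["payload"]]

def build_baseline(flows):
    """Learn "normal": which peers/ports talk, and typical bytes per flow."""
    sizes = [f["bytes"] for f in flows]
    return {"peers": {(f["src"], f["dst"], f["port"]) for f in flows},
            "mean": mean(sizes), "std": pstdev(sizes)}

def anomaly_alerts(flow, baseline, k=3.0):
    """Anomaly-based: reasons this flow deviates from the baseline."""
    reasons = []
    if (flow["src"], flow["dst"], flow["port"]) not in baseline["peers"]:
        reasons.append("new-peer-or-port")
    if flow["bytes"] > baseline["mean"] + k * baseline["std"]:
        reasons.append("volume")
    return reasons

def make_flow(src, dst, port, nbytes, payload=b""):
    """Hypothetical flow record used only by this example."""
    return {"src": src, "dst": dst, "port": port, "bytes": nbytes, "payload": payload}

# Constructed training traffic: two clients talking to one web server.
BASELINE = build_baseline([
    make_flow("10.0.0.5", "10.0.0.20", 80, 1000), make_flow("10.0.0.5", "10.0.0.20", 80, 1200),
    make_flow("10.0.0.5", "10.0.0.20", 80, 900), make_flow("10.0.0.5", "10.0.0.20", 80, 1100),
    make_flow("10.0.0.6", "10.0.0.20", 80, 1000),
])

# Constructed test flows.
NORMAL = make_flow("10.0.0.6", "10.0.0.20", 80, 1050, b"GET /index.html HTTP/1.1")
KNOWN = make_flow("10.0.0.5", "10.0.0.20", 80, 1000, b"GET /../../etc/passwd HTTP/1.1")
NOVEL = make_flow("10.0.0.5", "203.0.113.9", 4444, 50000, b"\x00\x01opaque")

if __name__ == "__main__":
    for name, f in [("normal", NORMAL), ("known", KNOWN), ("novel", NOVEL)]:
        print(name, signature_alerts(f), anomaly_alerts(f, BASELINE))
```

The flow carrying a known pattern looks normal in volume and peers, so only the signature check flags it; the flow to an unseen peer and port matches no signature, so only the baseline comparison flags it.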
See also
- Firewall
- Intrusion prevention system
- Security information and event management
- Computer and network surveillance
- Anti-virus software
Contributors: Prab R. Tumpati, MD