Everything You Always Wanted To Know About Intrusion Detection Systems
An Intrusion Detection System (IDS) employs a combination of hardware and software products to analyze network traffic. The software analyzes and checks known patterns of traffic and ferrets out activity it suspects of being malicious. A sophisticated IDS can even automatically terminate a connection and send an alert to the admin the minute it detects suspicious activity.
An IDS is employed mainly by companies to detect various malicious types of behavior, primarily through the Internet, that can place their networked computers at grave risk. It detects any kind of attack on network systems or on software, as well as unofficial and unauthorized logins and access to critical documents.
Intrusion detection schemes fall into one of the following categories:
Anomaly IDS: these systems look for behavior and traffic that is not regular.
Misuse IDS: these scout for Internet behavior that matches a known attack scenario, the characteristics of which are already stored in the IDS; these are compared with real-time system behavior.
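The two categories above can be compared side by side on the same traffic. The following Python sketch is an added example, not part of the original article; the signature patterns, baseline figures, host addresses and request lines are all constructed for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Constructed sample traffic as (source host, request line). Not real data.
EVENTS = (
    [("10.0.0.5", f"GET /page{i}") for i in range(5)]        # ordinary browsing
    + [("10.0.0.9", "GET /download?file=../../etc/passwd")]  # one known-bad request
    + [("10.0.0.7", "POST /login") for _ in range(12)]       # unusual volume, no known pattern
)

# Misuse IDS: characteristics of known attack scenarios stored in the IDS
# (two illustrative patterns, assumed for this example).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-injection": re.compile(r"(?i)union\s+select"),
}

# Anomaly IDS: requests per host per window seen during regular operation
# (constructed baseline).
BASELINE = [4, 5, 6, 5, 4, 6]


def misuse_alerts(events):
    """Compare each observed request with the stored attack signatures."""
    return [(src, name)
            for src, request in events
            for name, pattern in SIGNATURES.items()
            if pattern.search(request)]


def anomaly_alerts(baseline, events, threshold=3.0):
    """Flag hosts whose request count is far above the regular rate."""
    mu = mean(baseline)
    sigma = pstdev(baseline) or 1.0  # avoid dividing by zero on a flat baseline
    counts = Counter(src for src, _ in events)
    return sorted(src for src, n in counts.items()
                  if (n - mu) / sigma > threshold)


if __name__ == "__main__":
    print("misuse: ", misuse_alerts(EVENTS))
    print("anomaly:", anomaly_alerts(BASELINE, EVENTS))
```

Each detector catches what the other misses here: the single traversal request is normal in volume, and the burst of logins matches no stored signature.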
There is another type of IDS called network-based intrusion...