Network Security - NIC-Based Intrusion Detection Systems
|
The goal of an intrusion detection system is to detect inappropriate, incorrect, and unusual activity on a network or on the hosts belonging to a local network by monitoring network activity. To determine if an attack has occurred or if one has been attempted typically requires sifting through huge amounts of data (gathered from the network, host or file system) looking for clues of suspicious activity. There are two general approaches to this problem -- signature detection (also known as misuse detection), where one looks for patterns of well-known attacks, and anomaly detection, that looks for deviations from normal behavior.
Posted by enzime on
Friday Jul 27
reply
Comments
|
<< < 1 > >>
|
|
|
|
