11.3 Intrusion Detection


Heuristic-based detection

Also referred to as behavior, anomaly, or statistical-based detection. This detection method first defines a baseline of normal network traffic and then monitors traffic looking for anything that falls outside that baseline.

Signature-based detection

Also referred to as pattern matching, dictionary recognition, or misuse-detection (MD-IDS). This detection method looks for patterns in network traffic and compares them to known attack patterns called signatures.

Intrusion detection system

Device or software that monitors, logs, and detects security breaches, but takes no action to stop or prevent the attack.

Intrusion prevention system

Device that monitors, logs, detects, and can also react to stop or prevent security breaches.

Engine

IDS component that analyzes sensor data and events, generates alerts, and logs all activity.

Sensor

IDS component that passes data from the source to the analyzer.

