Intrusion Detection

Information increasingly needs protection from attempts to destroy, duplicate, or copy it. Within information security, efforts to meet that need have focused on detection first and prevention later.

Intrusion detection can be done in a variety of ways. The most commonly followed one is a manual check for actions that may have compromised the confidentiality, integrity, or availability of a given resource. Manual detection is usually done by checking the log files and the system for evidence of intrusions.

This process has been automated to an extent and is still being perfected. A system that detects intrusions automatically and alerts the administrator is called an intrusion detection system (IDS). Such systems are designed around statistical modeling of traffic and application data in order to detect anomalies. They can be either host based or network based. If it is host based, running on a single machine only, it is a personal intrusion detection system; otherwise it is a network intrusion detection system.

The types of alerts generated by an IDS are determined by how serious the intrusion is. It could log the relevant information to a file or database, or it could even send an email or a message to a pager or mobile phone.
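The following added example (not code from the original post) ties the statistical modeling and the severity-based alerting described above together: it counts failed logins per minute in a log, scores each minute against a baseline, and picks alert channels by severity. The log format, the baseline counts, the thresholds, and the channel names are all assumptions made for illustration.

```python
import re
import statistics
from collections import Counter

# Assumed log format: "<HH:MM> sshd: Failed password for <user> from <ip>"
FAILED = re.compile(r"^(\d\d:\d\d) sshd: Failed password for (\S+) from (\S+)$")

# Constructed history: failed logins per minute seen during normal operation.
BASELINE = [2, 3, 1, 2, 4, 3, 2, 3]

# Constructed sample log: 3 failures at 10:01, 40 at 10:02 (documentation IP ranges).
SAMPLE_LOG = (
    ["10:01 sshd: Failed password for alice from 192.0.2.10"] * 3
    + ["10:01 sshd: Accepted password for alice from 192.0.2.10"]
    + ["10:02 sshd: Failed password for root from 203.0.113.7"] * 40
)

# Assumed routing: which channels each severity level uses.
ROUTES = {"none": [], "medium": ["logfile"], "high": ["logfile", "email", "pager"]}

def failures_per_minute(lines):
    """Count failed-login lines per minute; non-matching lines are ignored."""
    counts = Counter()
    for line in lines:
        m = FAILED.match(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def severity(count, baseline=BASELINE):
    """Rate a count by its distance from the baseline mean in standard deviations."""
    z = (count - statistics.mean(baseline)) / statistics.stdev(baseline)
    if z >= 6:       # assumed threshold for paging someone
        return "high"
    if z >= 3:       # assumed threshold for a log-only alert
        return "medium"
    return "none"

def detect(lines):
    """Return (minute, count, severity, channels) for every anomalous minute."""
    alerts = []
    for minute, count in sorted(failures_per_minute(lines).items()):
        sev = severity(count)
        if sev != "none":
            alerts.append((minute, count, sev, ROUTES[sev]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```
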
