A Short Survey of Intrusion Detection Systems
Source: Bulgarian Academy of Sciences
As the cost of information processing and Internet accessibility falls, organizations are becoming increasingly vulnerable to potential cyber threats such as network intrusions. So, there exists a need to provide secure and safe transactions through the use of firewalls, Intrusion Detection Systems (IDSs), encryption, authentication, and other hardware and software solutions. Many IDS variants exist which allow security managers and engineers to identify attack network packets primarily through the use of signature detection; i.e., the IDS "Recognizes" attack packets due to their well-known "Fingerprints" or signatures as those packets cross the network's gateway threshold. On the other hand, anomaly based ID systems determine what is normal traffic within a network and reports abnormal traffic behaviour.