The system analyzes and monitors suspicious network activity, vulnerability exploits, or policy violations via sensors placed on network devices or the host.
IDSs report any identified threats to an administrator or a security information and event management (SIEM) system.
Types of Intrusion Detection Systems
By Detection Method
- Signature-based Detection
- Anomaly-based Detection
- Reputation-based Detection
- Stateful Protocol Analysis Detection