► Anomaly-based IDSs (AKA behavior-based) start with a performance baseline of normal behavior and then identify anomalies.
► Signature-based IDSs (AKA definition-based) use a database of predefined traffic patterns.
► A network-based IDS (NIDS) is installed on network devices such as routers or firewalls to monitor network traffic.
► A host-based intrusion detection system (HIDS) is installed on workstations or servers as an additional piece of software.

No comments:

Post a Comment