Intrusion detection system, the Glossary
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.[1]
Table of Contents
74 relations: Alarm filtering, Anomaly detection, Anomaly-based intrusion detection system, Antivirus software, Application firewall, Application protocol-based intrusion detection system, Artificial immune system, Authentication, Bell Labs, Bypass switch, Common Lisp, Communication protocol, Cyclic redundancy check, Denial-of-service attack, DNS analytics, Domain Name System, Dorothy E. Denning, Ethernet frame, Expert system, Extrusion detection, False alarm, False positives and false negatives, Feature selection, Firewall (computing), Fred Cohen, Gartner, Heuristic (computer science), Host (network), Host-based intrusion detection system, Internet Message Access Protocol, Internet protocol suite, Intrusion Detection Message Exchange Format, Lawrence Berkeley National Laboratory, Lisp (programming language), Los Alamos National Laboratory, Machine learning, Malware, Microsoft PowerPoint, Multics, National Security Agency, Network address, Network layer, Network security, Neural network (machine learning), Next-generation firewall, Noise (signal processing), OPNET, Pcap, Peter G. Neumann, Protocol-based intrusion detection system, Real-time adaptive security, Rebecca Bace, Security information and event management, Security management, ShieldsUP, Snort (software), Software, Software bug, Software-defined protection, Spoofing attack, SRI International, Subnet, Sun Microsystems, Tcpdump, Traffic analysis, Transport layer, Trojan horse (computing), TZSP, University of California, Davis, User behavior analytics, VAX, Wiley (publisher), Yongguang Zhang, Zeek.
Alarm filtering
Alarm filtering, in the context of IT network management, is the method by which an alarm system reports the origin of a system failure, rather than a list of systems failed.
Anomaly detection
In data analysis, anomaly detection (also referred to as outlier detection and sometimes as novelty detection) is generally understood to be the identification of rare items, events or observations which deviate significantly from the majority of the data and do not conform to a well defined notion of normal behavior.
Anomaly-based intrusion detection system
An anomaly-based intrusion detection system is an intrusion detection system for detecting both network and computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous. Like intrusion detection system, it falls under computer network security.
Antivirus software
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Like intrusion detection system, it falls under computer network security.
Application firewall
An application firewall is a form of firewall that controls input/output or system calls of an application or service.
Application protocol-based intrusion detection system
An application protocol-based intrusion detection system (APIDS) is an intrusion detection system that focuses its monitoring and analysis on a specific application protocol or protocols in use by the computing system. Like intrusion detection system, it is classed under intrusion detection systems.
Artificial immune system
In artificial intelligence, artificial immune systems (AIS) are a class of computationally intelligent, rule-based machine learning systems inspired by the principles and processes of the vertebrate immune system.
Authentication
Authentication (from authentikos, "real, genuine", from αὐθέντης authentes, "author") is the act of proving an assertion, such as the identity of a computer system user.
Bell Labs
Bell Labs is an American industrial research and scientific development company credited with the development of radio astronomy, the transistor, the laser, the photovoltaic cell, the charge-coupled device (CCD), information theory, the Unix operating system, and the programming languages B, C, C++, S, SNOBOL, AWK, AMPL, and others.
Bypass switch
A bypass switch (or bypass TAP) is a hardware device that provides a fail-safe access port for an in-line active security appliance such as an intrusion prevention system (IPS), next generation firewall (NGFW), etc.
Common Lisp
Common Lisp (CL) is a dialect of the Lisp programming language, published in American National Standards Institute (ANSI) standard document ANSI INCITS 226-1994 (S2018) (formerly X3.226-1994 (R1999)).
Communication protocol
A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any variation of a physical quantity.
Cyclic redundancy check
A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to digital data.
Denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network.
DNS analytics
DNS Analytics is the surveillance (collection and analysis) of DNS traffic within a computer network.
Domain Name System
The Domain Name System (DNS) is a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks.
Dorothy E. Denning
Dorothy Elizabeth Denning (née Robling, born August 12, 1945) is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations.
Ethernet frame
In computer networking, an Ethernet frame is a data link layer protocol data unit and uses the underlying Ethernet physical layer transport mechanisms.
Expert system
In artificial intelligence (AI), an expert system is a computer system emulating the decision-making ability of a human expert.
Extrusion detection
Extrusion detection or outbound intrusion detection is a branch of intrusion detection aimed at developing mechanisms to identify successful and unsuccessful attempts to use the resources of a computer system to compromise other systems.
False alarm
A false alarm, also called a nuisance alarm, is the deceptive or erroneous report of an emergency, causing unnecessary panic and/or bringing resources (such as emergency services) to a place where they are not needed.
False positives and false negatives
A false positive is an error in binary classification in which a test result incorrectly indicates the presence of a condition (such as a disease when the disease is not present), while a false negative is the opposite error, where the test result incorrectly indicates the absence of a condition when it is actually present.
Feature selection
Feature selection is the process of selecting a subset of relevant features (variables, predictors) for use in model construction.
Firewall (computing)
In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Fred Cohen
Frederick B. Cohen (born 1956) is an American computer scientist best known as the inventor of computer virus defense techniques; he gave the definition of "computer virus". He is also known for his pioneering work on computer viruses, the invention of high-integrity operating system mechanisms now in widespread use, and the automation of protection management functions.
Gartner
Gartner, Inc. is an American technological research and consulting firm based in Stamford, Connecticut, that conducts research on technology and shares this research both through private consulting as well as executive programs and conferences.
Heuristic (computer science)
In mathematical optimization and computer science, heuristic (from Greek εὑρίσκω "I find, discover") is a technique designed for problem solving more quickly when classic methods are too slow for finding an exact or approximate solution, or when classic methods fail to find any exact solution in a search space.
Host (network)
A network host is a computer or other device connected to a computer network.
Host-based intrusion detection system
A host-based intrusion detection system (HIDS) is an intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces, similar to the way a network-based intrusion detection system (NIDS) operates. Like intrusion detection system, it is classed under intrusion detection systems.
Internet Message Access Protocol
In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection.
Internet protocol suite
The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria.
Intrusion Detection Message Exchange Format
Used as part of computer security, IDMEF (Intrusion Detection Message Exchange Format) is a data format used to exchange information between intrusion detection and intrusion prevention software, security information collection systems, and the management systems that may need to interact with them. Like intrusion detection system, it is classed under intrusion detection systems.
Lawrence Berkeley National Laboratory
Lawrence Berkeley National Laboratory (LBNL) is a federally funded research and development center in the hills of Berkeley, California, United States.
Lisp (programming language)
Lisp (historically LISP, an abbreviation of "list processing") is a family of programming languages with a long history and a distinctive, fully parenthesized prefix notation.
Los Alamos National Laboratory
Los Alamos National Laboratory (often shortened as Los Alamos and LANL) is one of the sixteen research and development laboratories of the United States Department of Energy (DOE), located a short distance northwest of Santa Fe, New Mexico, in the American southwest.
Machine learning
Machine learning (ML) is a field of study in artificial intelligence concerned with the development and study of statistical algorithms that can learn from data and generalize to unseen data and thus perform tasks without explicit instructions.
Malware
Malware (a portmanteau of malicious software) (Tahir, R., 2018).
Microsoft PowerPoint
Microsoft PowerPoint is a presentation program, created by Robert Gaskins, Tom Rudkin and Dennis Austin at a software company named Forethought, Inc. It was released on April 20, 1987, initially for Macintosh computers only.
Multics
Multics ("MULTiplexed Information and Computing Service") is an influential early time-sharing operating system based on the concept of a single-level memory.
National Security Agency
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI).
Network address
A network address is an identifier for a node or host on a telecommunications network.
Network layer
In the seven-layer OSI model of computer networking, the network layer is layer 3.
Network security
Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Like intrusion detection system, it falls under computer network security.
Neural network (machine learning)
In machine learning, a neural network (also artificial neural network or neural net, abbreviated ANN or NN) is a model inspired by the structure and function of biological neural networks in animal brains.
Next-generation firewall
A next-generation firewall (NGFW) is part of the third generation of firewall technology, combining a conventional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection (DPI) and an intrusion prevention system (IPS).
Noise (signal processing)
In signal processing, noise is a general term for unwanted (and, in general, unknown) modifications that a signal may suffer during capture, storage, transmission, processing, or conversion.
OPNET
OPNET Technologies, Inc. was a software business that provided performance management for computer networks and applications.
Pcap
In the field of computer network administration, pcap is an application programming interface (API) for capturing network traffic.
Peter G. Neumann
Peter Gabriel Neumann (born 1932) is a computer-science researcher who worked on the Multics operating system in the 1960s.
Protocol-based intrusion detection system
A protocol-based intrusion detection system (PIDS) is an intrusion detection system which is typically installed on a web server and is used to monitor and analyze the protocol in use by the computing system. Like intrusion detection system, it is classed under intrusion detection systems.
Real-time adaptive security
Real-time adaptive security is the network security model needed to accommodate the emergence of multiple perimeters and moving parts on the network, and increasingly advanced threats targeting enterprises. Like intrusion detection system, it falls under computer network security and system administration.
Rebecca Bace
Rebecca "Becky" Gurley Bace (1955–2017) was an American computer security expert and pioneer in intrusion detection.
Security information and event management
Security information and event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM).
Security management
Security management is the identification of an organization's assets, including people, buildings, machines, systems and information assets, followed by the development, documentation, and implementation of policies and procedures for protecting those assets.
ShieldsUP
ShieldsUP is an online port scanning service created by Steve Gibson of Gibson Research Corporation.
Snort (software)
Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) created in 1998 by Martin Roesch, founder and former CTO of Sourcefire. Like intrusion detection system, it is classed under intrusion detection systems.
Software
Software consists of computer programs that instruct the execution of a computer.
Software bug
A software bug is an error or flaw in computer software that causes it to produce incorrect or unintended results.
Software-defined protection
Software-defined protection (SDP) is a computer network security architecture and methodology that combines network security devices and defensive protections which leverage both internal and external intelligence sources. Like intrusion detection system, it falls under computer network security.
Spoofing attack
In the context of information security, and especially network security, a spoofing attack is a situation in which a person or program successfully identifies as another by falsifying data, to gain an illegitimate advantage. Like intrusion detection system, it falls under computer network security.
SRI International
SRI International (SRI) is an American nonprofit scientific research institute and organization headquartered in Menlo Park, California.
Subnet
A subnetwork, or subnet, is a logical subdivision of an IP network.
Sun Microsystems
Sun Microsystems, Inc. (Sun for short) was an American technology company that sold computers, computer components, software, and information technology services and created the Java programming language, the Solaris operating system, ZFS, the Network File System (NFS), and SPARC microprocessors.
Tcpdump
tcpdump is a data-network packet analyzer computer program that runs under a command line interface.
Traffic analysis
Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication.
Transport layer
In computer networking, the transport layer is a conceptual division of methods in the layered architecture of protocols in the network stack in the Internet protocol suite and the OSI model.
Trojan horse (computing)
In computing, a Trojan horse (or simply Trojan) is any malware that misleads users of its true intent by disguising itself as a standard program.
TZSP
TaZmen Sniffer Protocol (TZSP) is an encapsulation protocol used to wrap other protocols. Like intrusion detection system, it is classed under intrusion detection systems.
University of California, Davis
The University of California, Davis (UC Davis, UCD, or Davis) is a public land-grant research university in Davis, California, United States.
User behavior analytics
User behavior analytics (UBA) or user and entity behavior analytics (UEBA), is the concept of analyzing the behavior of users, subjects, visitors, etc.
VAX
VAX (an acronym for Virtual Address eXtension) is a series of computers featuring a 32-bit instruction set architecture (ISA) and virtual memory that was developed and sold by Digital Equipment Corporation (DEC) in the late 20th century.
Wiley (publisher)
John Wiley & Sons, Inc., commonly known as Wiley, is an American multinational publishing company that focuses on academic publishing and instructional materials.
Yongguang Zhang
Yongguang Zhang from Microsoft Research Asia, China was named Fellow of the Institute of Electrical and Electronics Engineers (IEEE) in 2014 for contributions to software radio technology. He received his Ph.D. in computer science from Purdue University in 1994.
Zeek
Zeek is a free and open-source software network analysis framework. Like intrusion detection system, it is classed under intrusion detection systems.
See also
Intrusion detection systems
- Advanced Intrusion Detection Environment
- Application protocol-based intrusion detection system
- Host-based intrusion detection system
- Host-based intrusion detection system comparison
- Incident Object Description Exchange Format
- Intrusion Detection Message Exchange Format
- Intrusion detection system
- LARIAT
- McAfee Change Control
- Network tap
- OSSEC
- Open Source Tripwire
- Prelude SIEM (Intrusion Detection System)
- Protocol-based intrusion detection system
- Sagan (software)
- Samhain (software)
- Security Device Event Exchange
- Snort (software)
- Suricata (software)
- TZSP
- Zeek
References
[1] https://en.wikipedia.org/wiki/Intrusion_detection_system
Also known as Active intrusion detection system, Host Intrusion Prevention System, Host-based intrusion-prevention system, Intrusion Detection, Intrusion Detection Expert System, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Intrusion Prevention System, Intrusion Protection System, Intrusion blocking, Intrusion detection and prevention system, Intrusion detection in communication systems, Intrusion prevention, Intrusion prevention software, Intrusion prevention system servers, Intrusion prevention systems, Intrusion-detection system, Intrusion-prevention system, Malicious code detection, Need of intrusion detection system, Network Intrusion Prevention System, Network intrusion detection system, Network intrusion-detection system, Network-based IDS, Network-based intrusion detection system, Personal Intrusion Prevention System, RateBasedIPS, System Safety Monitor, Wireless Intrusion Detection.