An intrusion detection system (IDS) is an application or device used to gather and analyzev information that passes across a network or host. An IDS is designed to analyze, identify, and report on any violations or misuse of a network or host.
Let’s take a close look at how an IDS works. An IDS is used to monitor and protect networks by detecting malicious activity and reporting it to a network administrator. Once activities of this type are detected, an administrator is alerted.
Here are some things to keep in mind as we go forward. An IDS:
- Is designed to detect malicious or nonstandard behavior
- Gathers information from within a network to detect violations of security policy
- Reports violations and deviations to an administrator or system owner