Term of the Moment

25 Gigabit Ethernet


Look Up Another Term


Redirected from: intrusion blocking

Definition: IDS


(Intrusion Detection System) Software that detects an attack on a network or computer system. A Network IDS (NIDS) is designed to support multiple hosts, whereas a Host IDS (HIDS) is set up to detect illegal actions within the host. Most IDS programs typically use signatures of known cracker attempts to signal an alert. Others look for deviations of the normal routine as indications of an attack. Intrusion detection is very tricky. Too much analysis can add excessive overhead and also trigger false alarms. Insufficient analysis can overlook a valid attack.

Catch It at the Source
The opposite of intrusion detection is "extrusion detection." Such software examines the outgoing data in the computer to determine if malware is originating in this computer. See protocol anomaly, traffic anomaly, IPS and cyberattack.