Chapter 19

Intrusion Detection/Prevention System

The learning goals for this chapter are as follows:

  • Understand the physical location, the operational characteristics and the various functions performed by the Intrusion Detection System/Intrusion Prevention System (IDS/IPS)
  • Learn the distinctions between Host-based and Network-based IDS/IPS
  • Understand the various approaches and functional properties of both the anomaly/behavior-based and signature-based approaches to intrusion detection
  • Explore the details of both Network-based and Host-based IDS/IPS
  • Learn the function and operation of a Honeypot
  • Explore the algorithms that generate signatures for polymorphic and metamorphic worms
  • Learn the architectural configuration and protocols that are ...

Get Introduction to Computer Networks and Cybersecurity now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.