O'Reilly logo

Intrusion Detection with Snort by Jack Koziol

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Methods of Detecting Intrusions

IDSs have several methods of detecting intrusions at their disposal. Certain techniques are better suited to monitoring for different types of intrusions; IDSs are likely to employ more than one variety of detection.

Signature Detection

Signature detection identifies security events that attempt to use a system in a non-standard means. Known representations of intrusions are stored in the IDS and are then compared to system activity. When a known intrusion matches an aspect of system use, an alert is raised to the IDS analyst.

Known representations of intrusions are termed signatures. Signatures must be created to exactly match the characteristics of a specific intrusion and no other activity to avert false positives. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required