In this chapter, you will learn to:
Explain intrusion detection
Identify the four types of security threats
Identify the three types of attacks
Understand the three phases of an attack
Explain the difference between host-based and network-based intrusion detection
Understand the difference between anomaly and misuse triggering mechanisms
The purpose of an intrusion detection system (IDS) is to notify the appropriate personnel when an intrusion or attack is discovered. You can detect attacks or intrusions into your computer network or systems in numerous ways, and various IDSs exist to detect these attacks. Just as a burglar alarm can be installed in a business to notify the police of an intrusion, an IDS can be installed on your computer network to detect intrusions and notify security personnel.
This chapter provides an overview of intrusion detection by describing the four types of security threats, the types of attacks, and the phases of an attack. Additionally, this chapter examines the different types of IDS and discusses the strengths and weaknesses of each type.