HIPS (Host Intrusion Prevention System)

GPTKB entity

Statements (47)
Predicate Object
gptkbp:instanceOf intrusion prevention system
gptkbp:abbreviation Host Intrusion Prevention System
gptkbp:alerts system administrators
gptkbp:analyzes application behavior
  system calls
  registry changes
  file system changes
gptkbp:block suspicious processes
gptkbp:canBe gptkb:security
  gptkb:fire
  signature-based
  policy-based
  behavior-based
gptkbp:canBeBypassedBy advanced persistent threats
gptkbp:canBeManagedBy centralized console
  local interface
gptkbp:canLog security events
gptkbp:cause false positives
  false negatives
gptkbp:component defense in depth strategy
gptkbp:detects malicious activity
gptkbp:distinctFrom NIPS (Network Intrusion Prevention System)
gptkbp:example gptkb:Symantec_Endpoint_Protection
  gptkb:Sophos_Intercept_X
  McAfee Host Intrusion Prevention
  Trend Micro OfficeScan
gptkbp:focusesOn host-based security
gptkbp:goal protect host from threats
https://www.w3.org/2000/01/rdf-schema#label HIPS (Host Intrusion Prevention System)
gptkbp:isImplementedAs gptkb:software
  kernel module
  application layer process
gptkbp:isProvidedBy security vendors
gptkbp:monitors host system activities
gptkbp:partOf endpoint security
gptkbp:prevention unauthorized access
  rootkits
  zero-day attacks
  privilege escalation
  buffer overflow attacks
  malware execution
gptkbp:requires regular updates
  policy configuration
gptkbp:usedIn personal computers
  enterprise environments
gptkbp:bfsParent gptkb:Comodo_Internet_Security
gptkbp:bfsLayer 5