Intrusion Detection System (IDS)
GPTKB entity
Statements (51)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | cybersecurity technology |
| gptkbp:abbreviation | gptkb:IDS |
| gptkbp:canBe | commercial; open source |
| gptkbp:challenge | false positives; false negatives; encrypted traffic analysis; high volume of alerts |
| gptkbp:component | network security |
| gptkbp:deployment | network perimeter; endpoints; cloud environments |
| gptkbp:detects | malware; denial-of-service attacks; unauthorized access; policy violations (using signature-based, anomaly-based, or heuristic-based detection) |
| gptkbp:developedBy | 1980s |
| gptkbp:example | gptkb:Snort; gptkb:Suricata; gptkb:Bro/Zeek; gptkb:Tripwire; OSSEC |
| https://www.w3.org/2000/01/rdf-schema#label | Intrusion Detection System (IDS) |
| gptkbp:monitors | network traffic; system activities; user behavior |
| gptkbp:output | alerts; logs; reports |
| gptkbp:purpose | monitor network traffic; detect unauthorized access; identify security breaches |
| gptkbp:relatedConcept | threat detection; incident response |
| gptkbp:relatedStandard | Intrusion Detection Message Exchange Format (IDMEF) |
| gptkbp:relatedTo | gptkb:Intrusion_Prevention_System_(IPS); firewall; SIEM (Security Information and Event Management) |
| gptkbp:standardizedBy | gptkb:RFC_4765; gptkb:RFC_4767 |
| gptkbp:type | network-based IDS (NIDS); host-based IDS (HIDS); hybrid IDS |
| gptkbp:usedBy | organizations; security analysts; system administrators |
| gptkbp:bfsParent | gptkb:Intrusion_Prevention_System_(IPS) |
| gptkbp:bfsLayer | 7 |
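The statements above list two detection methods (signature-based and anomaly-based), the alerts an IDS emits, and the false-positive/false-negative challenge, without showing how they interact. The following is an added example, not code from GPTKB, Snort, Suricata, Zeek or any other listed product: a toy network IDS run over a constructed set of connection records. The rule IDs, the IP addresses and the sample traffic are all made up for illustration; the signature regex is deliberately narrow so that the obfuscated second request shows a false negative, and the port-scan threshold shows where anomaly detection trades false positives against false negatives.

```python
import re
from collections import defaultdict

# Constructed sample connection records: (timestamp_s, src_ip, dst_ip, dst_port, payload).
# 10.0.0.5 sends one benign request, one textbook SQL injection and one obfuscated
# variant; 10.0.0.9 sweeps eleven ports in one second (a horizontal port scan).
SAMPLE_EVENTS = [
    (0.0, "10.0.0.5", "10.0.0.10", 80, "GET /index.html HTTP/1.1"),
    (0.5, "10.0.0.5", "10.0.0.10", 80, "GET /login.php?user=admin' OR '1'='1 HTTP/1.1"),
    (0.9, "10.0.0.5", "10.0.0.10", 80, "GET /login.php?user=admin' OR '2'='2 HTTP/1.1"),
] + [
    (1.0 + 0.1 * i, "10.0.0.9", "10.0.0.10", port, "")
    for i, port in enumerate([21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 3389])
]

# Signature rules in the spirit of a Snort/Suricata rule: (sid, msg, dst port, regex).
# Hypothetical rule IDs. The SQLi regex matches only the classic '1'='1 tautology,
# which is exactly why the '2'='2 variant slips through (a false negative).
SIGNATURES = [
    (1000001, "SQLi tautology ' OR '1'='1", 80, re.compile(r"(?i)'\s*or\s*'1'\s*=\s*'1")),
    (1000002, "Directory traversal", 80, re.compile(r"\.\./")),
]


def signature_alerts(events, signatures=SIGNATURES):
    """Signature-based detection: match each payload against known attack patterns."""
    alerts = []
    for ts, src, dst, dport, payload in events:
        for sid, msg, port, pattern in signatures:
            if dport == port and pattern.search(payload):
                alerts.append({"ts": ts, "method": "signature", "sid": sid,
                               "msg": msg, "src": src, "dst": dst})
    return alerts


def anomaly_alerts(events, window_s=5.0, max_ports=10):
    """Anomaly/heuristic detection: flag a source that contacts more than max_ports
    distinct destination ports within window_s seconds. Lowering max_ports or widening
    the window catches slower scans but also trips on busy legitimate hosts."""
    alerts = []
    recent = defaultdict(list)  # src -> [(ts, dport), ...] still inside the window
    flagged = set()
    for ts, src, dst, dport, _ in sorted(events, key=lambda e: e[0]):
        hist = recent[src]
        hist.append((ts, dport))
        recent[src] = hist = [(t, p) for t, p in hist if t >= ts - window_s]
        distinct_ports = {p for _, p in hist}
        if len(distinct_ports) > max_ports and src not in flagged:
            flagged.add(src)  # one alert per scanning source, not one per packet
            alerts.append({"ts": ts, "method": "anomaly", "sid": None,
                           "msg": f"port scan: {len(distinct_ports)} ports in {window_s}s",
                           "src": src, "dst": dst})
    return alerts


def run_ids(events):
    """Combined hybrid detector; the sorted alert list is the IDS output."""
    return sorted(signature_alerts(events) + anomaly_alerts(events), key=lambda a: a["ts"])


if __name__ == "__main__":
    for a in run_ids(SAMPLE_EVENTS):
        print(f"[{a['ts']:5.1f}] {a['method']:9} {a['src']} -> {a['dst']}: {a['msg']}")
```

Run against the constructed traffic, the signature rule fires once (the request at t=0.5) and misses the obfuscated request at t=0.9, while the anomaly rule fires once for 10.0.0.9 after its eleventh port; shrinking the window to 0.5 s makes the same scan invisible, which is the false-negative side of threshold tuning. A real sensor would serialise these alerts in its native format (for example Suricata's EVE JSON) or in IDMEF as defined by RFC 4765, and forward them to a SIEM for correlation.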