Intrusion Detection System (IDS)
GPTKB entity
Statements (51)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:cybersecurity_technology |
| gptkbp:abbreviation | gptkb:IDS |
| gptkbp:canBe | commercial; open source |
| gptkbp:challenge | false positives; false negatives; encrypted traffic analysis; high volume of alerts |
| gptkbp:component | network security |
| gptkbp:deployment | cloud environments; endpoints; network perimeter |
| gptkbp:detects | gptkb:malware; denial-of-service attacks; unauthorized access; signature-based detection; policy violations; anomaly-based detection; heuristic-based detection |
| gptkbp:developedBy | 1980s |
| gptkbp:example | gptkb:Snort; gptkb:Tripwire; gptkb:Suricata; gptkb:Bro/Zeek; OSSEC |
| gptkbp:monitors | user behavior; network traffic; system activities |
| gptkbp:output | reports; alerts; logs |
| gptkbp:purpose | monitor network traffic; detect unauthorized access; identify security breaches |
| gptkbp:relatedConcept | incident response; threat detection |
| gptkbp:relatedStandard | Intrusion Detection Message Exchange Format (IDMEF) |
| gptkbp:relatedTo | gptkb:Intrusion_Prevention_System_(IPS); gptkb:fire; SIEM (Security Information and Event Management) |
| gptkbp:standardizedBy | gptkb:RFC_4765; gptkb:RFC_4767 |
| gptkbp:type | host-based IDS (HIDS); hybrid IDS; network-based IDS (NIDS) |
| gptkbp:usedBy | organizations; system administrators; security analysts |
| gptkbp:bfsParent | gptkb:Intrusion_Prevention_System_(IPS) |
| gptkbp:bfsLayer | 7 |
| https://www.w3.org/2000/01/rdf-schema#label | Intrusion Detection System (IDS) |