Intrusion Detection System (IDS)

GPTKB entity

Statements (51)
Predicate                                      Object
gptkbp:instanceOf                              cybersecurity technology
gptkbp:abbreviation                            gptkb:IDS
gptkbp:canBe                                   commercial; open source
gptkbp:challenge                               false positives; false negatives; encrypted traffic analysis; high volume of alerts
gptkbp:component                               network security
gptkbp:deployment                              cloud environments; endpoints; network perimeter
gptkbp:detects                                 malware; denial-of-service attacks; unauthorized access; signature-based detection; policy violations; anomaly-based detection; heuristic-based detection
gptkbp:developedBy                             1980s
gptkbp:example                                 gptkb:Snort; gptkb:Tripwire; gptkb:Suricata; gptkb:Bro/Zeek; OSSEC
https://www.w3.org/2000/01/rdf-schema#label    Intrusion Detection System (IDS)
gptkbp:monitors                                user behavior; network traffic; system activities
gptkbp:output                                  reports; alerts; logs
gptkbp:purpose                                 monitor network traffic; detect unauthorized access; identify security breaches
gptkbp:relatedConcept                          incident response; threat detection
gptkbp:relatedStandard                         Intrusion Detection Message Exchange Format (IDMEF)
gptkbp:relatedTo                               gptkb:Intrusion_Prevention_System_(IPS); gptkb:fire; SIEM (Security Information and Event Management)
gptkbp:standardizedBy                          gptkb:RFC_4765; gptkb:RFC_4767
gptkbp:type                                    host-based IDS (HIDS); hybrid IDS; network-based IDS (NIDS)
gptkbp:usedBy                                  organizations; system administrators; security analysts
gptkbp:bfsParent                               gptkb:Intrusion_Prevention_System_(IPS)
gptkbp:bfsLayer                                7