We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is Intrusion Detection?

By Gabriele Sturmer
Updated: May 16, 2024
Views: 8,363
Share

Intrusion detection deals with noticing unauthorized attempts to access a computer network or physical computer system. Its purpose is to detect any threats that could allow access to unauthorized information, negatively affect data integrity or result in a loss of access within a network. It is usually implemented through the use of an intrusion detection system (IDS) that detects, records and logs various information about others connecting to the network or accessing a physical host. These systems can range from software solutions that simply log traffic information to physical systems that involve security guards, cameras and motion sensors.

There are three primary types of intrusion detection, including network-based, host-based and physical methods. Network-based methods try to flag suspicious network traffic and typically use programs that record the traffic and packets flowing through a network. Host-based methods look for possible intrusions on a physical computer system and check for file integrity, identify rootkits, monitor local security policies and analyze logs. Physical methods also deal with identifying security issues on physical devices and use physical controls, such as people, security cameras, firewalls and motion sensors. In many business with confidential data and critical systems, a combination of these methods is desirable for the best possible security.

Intrusion detection systems do not usually prevent intrusions from happening; instead, they simply log events that occur so others can gather and analyze the information. Although this is especially true for network-based and host-based intrusion detection methods, this may not be true for some physical methods, such as firewalls and security personnel. Firewalls often provide the ability to block suspicious traffic and can learn what is and is not allowed access. Security personnel also can prevent people from physically breaking into a company or data center, and monitored traps and access control systems are other physical methods that can prevent someone from breaking in.

The limitations of intrusion detection systems mean many organizations also use an intrusion prevention system (IPS) to take action when suspicious activity occurs. Many of these systems include the functions of an intrusion detection system and provide a more well-rounded security system that is helpful when responding to security breaches is critical. When the IPS detects suspicious traffic or policy violations, it takes the action configured in its policies. Information security employees or system administrators usually configure the policies the IPS uses to respond to each event.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
Share
https://www.easytechjunkie.com/what-is-intrusion-detection.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.