Methods of Detecting Intrusions

IDSs have several methods of detecting intrusions at their disposal. Different techniques are better suited to monitoring for different types of intrusions, so an IDS is likely to employ more than one variety of detection.

Signature Detection

Signature detection identifies security events that attempt to use a system by non-standard means. Known representations of intrusions are stored in the IDS and compared to system activity. When an aspect of system use matches a known intrusion, an alert is raised to the IDS analyst.

Known representations of intrusions are termed signatures. To avert false positives, a signature must be created to match exactly the characteristics of a specific intrusion and no other activity. ...
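
The false-positive trade-off described above, as an added example that is not from the original text or from Snort itself: a minimal Python matcher runs a loose signature and a tight one over constructed traffic. The Signature and Event classes, the rule ids and the payloads are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

@dataclass(frozen=True)
class Signature:
    sid: int                     # constructed rule id
    msg: str                     # text shown to the analyst
    dst_port: Optional[int]      # None means any destination port
    contents: Tuple[bytes, ...]  # every pattern must occur in the payload

@dataclass(frozen=True)
class Event:
    dst_port: int
    payload: bytes

def matches(sig: Signature, ev: Event) -> bool:
    """True when the event satisfies every condition of the signature."""
    if sig.dst_port is not None and sig.dst_port != ev.dst_port:
        return False
    data = ev.payload.lower()  # case-insensitive comparison
    return all(c.lower() in data for c in sig.contents)

def detect(sigs: List[Signature], events: List[Event]) -> List[Tuple[int, int]]:
    """Return (event index, sid) for every signature that fires."""
    return [(i, s.sid) for i, ev in enumerate(events) for s in sigs if matches(s, ev)]

def false_positives(sig: Signature, events: List[Event], intrusions: Set[int]) -> List[int]:
    """Indexes of events the signature alerts on that are not intrusions."""
    return [i for i, _ in detect([sig], events) if i not in intrusions]

# Loose signature: one short pattern, any port.
BROAD = Signature(1, "passwd string seen", None, (b"passwd",))
# Tight signature: protocol port plus two patterns that must both occur.
NARROW = Signature(2, "HTTP request for /etc/passwd", 80, (b"GET ", b"/etc/passwd"))

# Constructed sample traffic; only index 1 is an intrusion attempt.
EVENTS = [
    Event(80, b"GET /help/change-passwd.html HTTP/1.0\r\n\r\n"),
    Event(80, b"GET /cgi-bin/view?file=../../etc/passwd HTTP/1.0\r\n\r\n"),
    Event(25, b"Subject: how to reset your passwd\r\n"),
]

if __name__ == "__main__":
    for sig in (BROAD, NARROW):
        print(sig.sid, sig.msg, "false positives:", false_positives(sig, EVENTS, {1}))
```

Both signatures catch the intrusion attempt, but the loose one also alerts on the help page and the mail message, while the tight one alerts on nothing else.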
