IDS and IPS to detect and react to intrusions
Firewalls. The pocketknife for enforcing computer security

Add to my library

TE7550 V2 Article

IDS and IPS to detect and react to intrusions


Firewalls. The pocketknife for enforcing computer security

Author : Maryline LAURENT

Publication date: October 10, 2017, Review date: January 3, 2024 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

9. IDS and IPS to detect and react to intrusions

Intrusion Detection Systems (IDS) detect intrusions on a network by collecting and analyzing data provided by several network devices. Their aim is to detect any abnormal activity, such as probing activities (port scanning, fingerprinting ), system compromise attempts, log file audits and so on. They are based on two techniques that can be used in complementary ways: signatures of known attacks, which are based, among other things, on the search for patterns (sequence of bytes), verification of compliance with protocol standards, etc.; and the behavioral approach, which detects any deviation from a pre-established profile for a user, service or application, this profile being measured using metrics such as CPU (Central Processing Unit) load, volume of data transmitted, connection time to resources, etc. The disadvantage of the signature-based approach is that the signature database needs...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


Article included in this offer

"Networks and Telecommunications"

( 174 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Dans les ressources documentaires

Technologies VPN

Cet article présente succinctement les principales topologies et technologies utilisées pour mettre en pl...

SecSIP : un environnement de protection pour la voix sur IP

SecSIP est un environnement dédié à la protection des services basés sur le protocole SIP (Session Initia...

Virtualisation des réseaux locaux - Switch, hyperviseur et pare-feu

Le besoin d’hébergement des applications et de données ne cessent de croitre. Mais cette augmentation fai...

Mise en œuvre d’un pare-feu gratuit à base d’IP Filter

Dans les débuts de l’informatique, les méthodes d’accès se faisaient par des liens directs entre des term...

Tous les livres blancs
Article Internet décentralisé : retour au Web 1.0 !
10 October 2018
Internet décentralisé : retour au Web 1.0 !

Désinformation, surveillance étatique, fuites de données... Le web actuel souffre de différents maux. Avec des réseaux décentralisés, les utilisateurs garderaie...

Toutes les actualités
Contact us