Analysis technologies
Intrusion detection and analysis
Article REF: H5840 V1
Analysis technologies
Intrusion detection and analysis

Author : Hervé DEBAR

Publication date: October 10, 2004 | Lire en français

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

2. Analysis technologies

2.1 Scenario-based detection

Scenario-based detection is based on accumulated knowledge of attacks and specific vulnerabilities in information systems, operating systems and applications. The intrusion detection system contains information on these vulnerabilities and searches for attempts to exploit them. When such an attempt is detected, an alert is generated.

In other words, any action that is not explicitly identified as a misuse of the information system is considered acceptable. Note that scenario-based detection covers more than just known attacks. A security policy can explicitly declare events as "undesirable" without any associated vulnerability. For example, certain protocols such as SNMP can be banned from a network regardless of any vulnerability....

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?

Ongoing reading
Analysis technologies

Article included in this offer

"Security of information systems"

( 86 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details
Contact our team FAQ