ScholarGate
⌘K
Assistant
EN
Process / pipelineNetwork security monitoring

Intrusion Detection System

An Intrusion Detection System (IDS) is a security tool that monitors network traffic and system activity to identify unauthorized access attempts, malware infections, and policy violations. Introduced by Dorothy Denning in 1987, IDS employs two main detection paradigms: signature-based (matching known attack patterns) and anomaly-based (identifying deviations from normal behavior).

Open in MethodMindSoonVideoSoon

Read the full method

Members only

Sign in with a free account to read this section.

Sign in

Sources

  1. Denning, D. E. (1987). An intrusion-detection model. IEEE Transactions on Software Engineering, 13(2), 222–232. DOI: 10.1109/TSE.1987.232894
  2. Lippmann, R. P., Kunkel, J. W., Base, D. J., Haines, J. W., Fried, D. J., Webster, S. E., & Wyschogrod, D. B. (2000). 1999 DARPA intrusion detection evaluation: Datasets. Technical Report, MIT Lincoln Laboratory. link
  3. Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., & García-Alonso, J. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers & Security, 28(1–2), 18–28. DOI: 10.1016/j.cose.2008.08.003

Related methods

Penetration Testing MethodologyTLS Protocol AnalysisVulnerability Assessment

Referenced by

Penetration Testing MethodologyVulnerability Assessment

Spotted an issue on this page? Report or suggest a fix →

ScholarGateIntrusion Detection System (Network and Host-Based Intrusion Detection and Response Framework). Retrieved 2026-06-04 from https://scholargate.app/en/cryptography/intrusion-detection-system