Skip to contentScholarGate
LibraryBookshelfDeskReview StudioAssistant
Sign in
Intrusion Detection System/Evidence
Method evidence record

Intrusion Detection System

An Intrusion Detection System (IDS) is a security tool that monitors network traffic and system activity to identify unauthorized access attempts, malware infections, and policy violations. Introduced by Dorothy Denning in 1987, IDS employs two main detection paradigms: signature-based (matching known attack patterns) and anomaly-based (identifying deviations from normal behavior).

Sources recorded, not reviewed

Source record

Citations copied verbatim from the method’s source record. No claim-level verification is inferred from them.

Network and Host-Based Intrusion Detection and Response Framework
Taxonomic method record · process-pipeline / cryptography
  • Denning, D. E. (1987). An intrusion-detection model. IEEE Transactions on Software Engineering, 13(2), 222–232. · DOI 10.1109/TSE.1987.232894
  • Lippmann, R. P., Kunkel, J. W., Base, D. J., Haines, J. W., Fried, D. J., Webster, S. E., & Wyschogrod, D. B. (2000). 1999 DARPA intrusion detection evaluation: Datasets. Technical Report, MIT Lincoln Laboratory. · URL
  • Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., & García-Alonso, J. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers & Security, 28(1–2), 18–28. · DOI 10.1016/j.cose.2008.08.003
Open full method

Curated claims

Claims persisted in the evidence ledger, each with its own assessment.

No curated claims yet

This view does not invent a claim assessment when the ledger has none.

Related methods

Generated from the method graph and shown as machine-suggested relations — no evidence claim is inferred.

Same method familyPenetration Testing Methodologymachine-suggested · Relational suggestion, not evidence.Same method familyTLS Protocol Analysismachine-suggested · Relational suggestion, not evidence.Same method familyVulnerability Assessmentmachine-suggested · Relational suggestion, not evidence.

Evidence status

Sources recorded, not reviewed

Bibliographic sources are present. Claim-level evidence review has not been performed.

Sources

3 recorded citations, copied from the method source record.

Actions

Open method page
ScholarGate

A content-first reference library for research methods — what each one is, how it works, and where it comes from.

Open data (CC-BY)

Explore

  • Library
  • Search the library…
  • Browse by field
  • Fields
  • Journey
  • Compare
  • Which method?

Reference

  • Subjects
  • Atlas
  • Glossary
  • Methodology
  • Philosophy

Your tools

  • Bookshelf
  • Desk
  • Chat

Company

  • About
  • Pricing
  • Contact
  • Suggest a method

Entries are compiled from published sources for reference. Verifying the accuracy and suitability of any information for your own use remains your responsibility.

© 2026 ScholarGate · A research-method reference library
  • Privacy
  • Cookies
  • Terms
  • Delete account