Intrusion detection and prevention systems (IDPS) are security systems that are used to detect and prevent security threats to computer systems and computer networks. These systems are configured to detect and respond to security threats automatically there by reducing the risk to monitored computers and networks. Intrusion detection and prevention systems use different methodologies such as signature based, anomaly based, stateful protocol analysis, and a hybrid system that combines some or all of the other systems to detect and respond to security threats. The growth of systems that use a combination of methods creates some confusion when trying to choose a methodology and system to deploy. This paper seeks to offer a clear explanation of each methodology and then offer a way to compare these methodologies.
展开▼
