The Proceedings of the Information Systems Education Conference 2001: §36b
Recommended Citation: Raggad, B G.  Intrusion Detection Systems.  In The Proceedings of the Information Systems Education Conference 2001, v 18 (Cincinnati): §36b.

Intrusion Detection Systems

Bel G. Raggad
Information Systems Department
Pace University
Pleasantville, New York, USA

Depending on whom you ask, an intrusion detection system (IDS) may be a simple audit trail process or a filter process using a traffic control system, such as screening routers, packet filters, and firewalls. Some people use IDS to mean a logging utility. Others use the term for a router-based access list or an operating system monitor. For example, the file systems in your network environment contain a variety of software and data files. Unexpected changes in directories and files, especially those to which access is normally restricted, may be an indication that an intrusion has occurred. Changes may include modifying, creating, or deleting directories and files. What makes such changes unexpected may depend on who changed them and where, when, and how the changes were made. An intrusion detection system is a computer-based information system designed to collect information about malicious activities in a set of targeted IT resources, analyze the information, and respond according to a predefined security policy.

Keywords: intrusion detection systems, IDS, IDS engine, logging utility, information processing

Read this presentation handout (non-refereed) in Adobe Portable Document (PDF) format. (55 K bytes)
Preview this presentation handout (non-refereed) in Plain Text (TXT) format. (2 K bytes)
