Protocol-based intrusion detection system: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 13:52, 17 December 2009 edit SmackBot (talk \| contribs) 3,734,324 edits m remove Erik9bot category,outdated, tag and general fixes ← Previous edit		Latest revision as of 12:38, 12 July 2024 edit undo Procyon117 (talk \| contribs) Extended confirmed users 17,627 edits Restore
(7 intermediate revisions by 7 users not shown)
Line 1: {{~~Unreferenced~~More sources needed\|date=~~December~~July ~~2009~~2024}} A '''protocol-based intrusion detection system''' ('''PIDS)''') is an [[intrusion detection system]] which is typically installed on a [[web server]], and is used in the monitoring and analysis of the [[Communications protocol\|protocol]] in use by the computing system. A PIDS will monitor the dynamic behavior and state of the protocol and will typically consist of a system or agent that would typically sit at the front end of a server, monitoring and analyzing the communication between a connected device and the system it is protecting. A typical use for a PIDS would be at the front end of a web server monitoring the [[HTTP]] (or [[HTTPS]]) stream.<ref>{{Cite web \|date=2023-04-19 \|title=What is an Intrusion Detection System (IDS)? {{!}} IBM \|url=https://www.ibm.com/topics/intrusion-detection-system \|access-date=2024-07-09 \|website=www.ibm.com \|language=en-us}}</ref> Because it understands the HTTP relative to the web server/system it is trying to protect it can offer greater protection than less in-depth techniques such as filtering by [[IP address]] or [[port number]] alone, however this greater protection comes at the cost of increased computing on the web server. Where HTTPS is in use then this system would need to reside in the "shim" or interface between where HTTPS is [[Cryptography\|un-encrypted]] and immediately prior to it entering the Web [[presentation layer]]. Line 12: ==See also== * [[Application protocol-based intrusion detection system]] (APIDS)▼ * [[Host-based intrusion detection system]] (HIDS)▼ * [[Intrusion detection system]] (IDS) * [[Network intrusion detection system]] (NIDS) * [[Tripwire (software)]] -– a pioneering HIDS▼ ▲* [[Host-based intrusion detection system]] (HIDS) ▲* [[Application protocol-based intrusion detection system]] (APIDS) ▲* [[Tripwire (software)]] - a pioneering HIDS * [[Trusted Computing Group]] * [[Trusted platform module]] ==References== {{Reflist}} {{DEFAULTSORT:Protocol-Based Intrusion Detection System}} [[Category:Intrusion detection ~~system~~systems]] [[Category:Web server management software]] [[es:PIDS]]