Application protocol-based intrusion detection system: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 18:34, 28 March 2007 edit 67.164.250.143 (talk) →Monitoring dynamic behavior ← Previous edit		Latest revision as of 18:42, 22 October 2024 edit undo BattyBot (talk \| contribs) Bots 1,957,317 edits →top: Removed Template:Multiple issues and General fixes Tag: AWB
(30 intermediate revisions by 24 users not shown)
Line 1: {{notability\|date=April 2012}} An '''application protocol-based intrusion detection system''' ('''APIDS)''') is an [[intrusion detection system]] that focuses its monitoring and analysis on a specific application [[protocol (computing)\|protocol]] or protocols in use by the computing system.<ref>{{Cite web \|date=2024-04-01 \|title=6 Types of Intrusion Detection System \|url=https://internationalsecurityjournal.com/types-of-intrusion-detection-system/ \|access-date=2024-07-09 \|website=internationalsecurityjournal.com \|language=en-GB}}</ref> == Overview == An APIDS will monitor the dynamic behavior and [[state (computer science)\|state]] of the protocol and will typically ~~consists~~consist of a system or agent that would typically sit between a [[process (computing)\|process]], or group of [[server (computing)\|server]]s, [[System Monitoring\|monitoring]] and analyzing the application protocol between two connected devices. A typical place for an APIDS would be between a [[web server]] and the [[database management system]], monitoring the [[SQL]] protocol specific to the [[middleware]]/[[business logic]] as it interacts with the [[database]].<ref>{{Cite web \|date=2023-04-19 \|title=What is an Intrusion Detection System (IDS)? {{!}} IBM \|url=https://www.ibm.com/topics/intrusion-detection-system \|access-date=2024-07-09 \|website=www.ibm.com \|language=en-us}}</ref> == Monitoring dynamic behavior == AsAt a basic level an APIDS would look for, and enforce, the correct (legal) use of the protocol. However at a more advanced level the APIDS can learn, be taught or even reduce what is often an infinite protocol set, to an acceptable understanding of the [[subset]] of that application protocol that is used by the application being monitored/protected. Line 15 ⟶ 16: ==See also== * [[Intrusion detection system]] (IDS) * [[Application firewall\|Web application firewall (WAF)]] ==References== ~~[[Category:Security software]]~~ {{reflist}} ~~[[Category:System administration]]~~ [[Category:Intrusion detection systems]] {{software-type-stub}} {{security-software-stub}} [[es:APIDS]] ~~[[ko:호스트 기반 침입 탐지 시스템]]~~ ~~[[it:Application Protocol intrusion detection system]]~~