Content deleted Content added
Claudiajoyce (talk | contribs) Added to Overview section |
Claudiajoyce (talk | contribs) m →Overview: Added hyperlinks |
||
Line 11:
One can think of a HIDS as an [[software agent|agent]] that monitors whether anything or anyone, whether internal or external, has circumvented the system's [[security policy]].
In comparison to network-based intrusion detection systems, HIDS is advantageous because of its capability of identifying internal attacks. While NIDS examines data from [[network traffic]], HIDS examines data originating from [[Operating system|operating systems]]. In recent years, HIDS has been faced with the [[big data]] challenge, which can be attributed to the increased advancement of data center facilities and methodologies.<ref>{{Cite journal |last=Liu |first=Ming |last2=Xue |first2=Zhi |last3=Xu |first3=Xianghua |last4=Zhong |first4=Changmin |last5=Chen |first5=Jinjun |date=2018-11-19 |title=Host-Based Intrusion Detection System with System Calls: Review and Future Trends |url=https://doi.org/10.1145/3214304 |journal=ACM Computing Surveys |volume=51 |issue=5 |pages=98:1–98:36 |doi=10.1145/3214304 |issn=0360-0300}}</ref>
=== Monitoring dynamic behavior ===
| |||