Host-based intrusion detection system: Difference between revisions

A '''host-based intrusion detection system''' ('''HIDS''') is an [[intrusion detection system]] that is capable of monitoring and analyzing the internals of a computing system as well as the [[network packet]]s on its network interfaces, similar to the way a network-based [[intrusion detection system]] (NIDS) operates.<ref name=newman2009/> ComparedHIDS tofocuses NIDS,on HIDSmore isgranular superiorand ininternal itsattacks finethrough granularityfocusing andmonitoring itshost abilityactivities toinstead detectof internaloverall attacksnetwork traffic.<ref>{{Cite journal |last=Liu |first=Ming |last2=Xue |first2=Zhi |last3=Xu |first3=Xianghua |last4=Zhong |first4=Changmin |last5=Chen |first5=Jinjun |date=2018-11-19 |title=Host-Based Intrusion Detection System with System Calls: Review and Future Trends |url=https://doi.org/10.1145/3214304 |journal=ACM Computing Surveys |volume=51 |issue=5 |pages=98:1–98:36 |doi=10.1145/3214304 |issn=0360-0300}}</ref> ThisHIDS was the first type of intrusion detection [[software]] to have been designed, with the original target system being the [[mainframe computer]] where outside interaction was infrequent.<ref name=cn31_8_805/>