Revision as of 10:48, 27 November 2009 edit Gingerman50 (talk \| contribs) 4 edits m Removed the "protocol"s behind HTTP as is repetition as it is essentially saying HyperText Transfer Protocol protocol ← Previous edit		Revision as of 13:52, 17 December 2009 edit undo SmackBot (talk \| contribs) 3,734,324 edits m remove Erik9bot category,outdated, tag and general fixes Next edit →
Line 1: {{Unreferenced\|date=December 2009}} A '''protocol-based intrusion detection system (PIDS)''' is an [[intrusion detection system]] which is typically installed on a [[web server]], and is used in the monitoring and analysis of the [[Communications protocol\|protocol]] in use by the computing system. A PIDS will monitor the dynamic behavior and state of the protocol and will typically consist of a system or agent that would typically sit at the front end of a server, monitoring and analyzing the communication between a connected device and the system it is protecting. Line 5 ⟶ 6: Where HTTPS is in use then this system would need to reside in the "shim" or interface between where HTTPS is [[Cryptography\|un-encrypted]] and immediately prior to it entering the Web [[presentation layer]]. == Monitoring dynamic behavior == At a basic level a PIDS would look for, and enforce, the correct use of the protocol. Line 19 ⟶ 20: * [[Trusted platform module]] {{DEFAULTSORT:Protocol-Based Intrusion Detection System}} [[Category:Intrusion detection system]] ~~[[Category:Articles lacking sources (Erik9bot)]]~~ [[es:PIDS]]

Protocol-based intrusion detection system: Difference between revisions