Protocol-based intrusion detection system: Difference between revisions

cleanup; {{wikify}}
Line 1:
{{wikify}}
A '''Protocol-based Intrusion Detection System (PIDS)''', is a special category of an [[Intrusion detection system|Intrusion-Detection System]], and focuses its monitoring and analysis on the protocol or protocols in use by the computing system.
 
A '''Protocolprotocol-based Intrusionintrusion Detectiondetection Systemsystem (PIDS)''', is a special category of an [[Intrusionintrusion detection system|Intrusion-Detection System]], andthat focuses its monitoring and analysis on the protocol or protocols in use by the computing system.
 
== Overview ==
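Review bot: the rewritten lead sentence keeps the comma after the bolded term ("(PIDS)''', is a special category"), which separates the subject from its verb; drop it. The piped link label also still reads "Intrusion-Detection System" in title case with a hyphen while the rest of the sentence is lowercased, so a plain [[intrusion detection system]] link would keep the label consistent with the sentence.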
Line 7 ⟶ 9:
A typical place for a PIDS would at the front end of a web server monitoring the HTTP (or HTTPS) protocol stream and would understand the HTTP protocol relative to the web server/system it is trying to protect.
 
Where HTTPS is in use then this system would need to reside in the "shim" or interface between where HTTPS is un-encrypted and immediately prior to it entering the Web presentation layer.
 
=== Monitoring dynamic behavior ===
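Review bot: the first sentence of this hunk still reads "A typical place for a PIDS would at the front end of a web server", with the verb missing; as this is a cleanup pass, change it to "would be at the front end". In the HTTPS sentence, "un-encrypted" refers to the point where the traffic has been decrypted, so "decrypted" would read more clearly.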
Line 15 ⟶ 17:
 
==See also==
* [[Intrusion detection system]] (IDS)
* [[networkNetwork intrusion detection system|Network Intrusion Detection System]] (NIDS)
* [[Host-based intrusion detection system]] (HIDS)
* [[Application Protocolprotocol-based Intrusionintrusion Detectiondetection Systemsystem]] (APIDS)
* [[Tripwire (software)]] - a pioneering HIDS
* [[Trusted Computing Group]]
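Review bot: the See also list ends up with mixed capitalisation: the NIDS entry keeps a piped title-case label ("|Network Intrusion Detection System]]") while the APIDS entry becomes an unpiped sentence-case title. Use unpiped sentence-case titles for both so they match the IDS and HIDS entries.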