Denial of service attacks

6. What is the function of the signature-based IDS?

Answer: The signature-based IDS monitors the network traffic or observes the system and sends alarms if a known malicious event is happening. It does this by comparing the data flow against a database of known attack patterns. These signatures explicitly define what traffic or activity should be considered as malicious. An excellent white paper on signature-based IDS can be found at _paper09186a0080092334.shtml.

0 0

Post a comment