6. What is the function of the signature-based IDS?
Answer: The signature-based IDS monitors the network traffic or observes the system and sends alarms if a known malicious event is happening. It does this by comparing the data flow against a database of known attack patterns. These signatures explicitly define what traffic or activity should be considered as malicious. An excellent white paper on signature-based IDS can be found at http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_white _paper09186a0080092334.shtml.
Was this article helpful?