UL | CSC | ILIAS | MINE


Home

: Our Team
: Teaching
: Publications
: Research
: Conferences
: Events
: NEW: Open Theses
: NEW: Jobs
: Contact

: mics
: binfo
: ilias
: uni gr

internal only

Goethe AG
Overview NIDS

Intrusion Detection Systems (IDS) protect a network against intrusions, e.g. Viruses, Worms and Hackers. Therefore, IDS e.g. observe the network traffic, events and the status of the nodes in the network. There exist mainly two different types of IDS:

  • Network Intrusion Detection Systems (NIDS)
    NIDS are normally a server which check the network traffic which are routed over this server. For a good performance, the topology of the network guarantee that lots of traffic containing attacks is routed over the network, e.g. the NIDS is next to the Internet-Gateway. In order to provide enough computational power, the server only runs the NIDS. Normally, NIDS are supervised by an Administrator.
  • Host-based Intrusion Detection Systems (HIDS)
    HIDS are installed on each node and can be described as a small NIDS. Each node of a network provides a part of the computational power which is used to identify attacks, e.g. checking packets and observing the status of the node. Normally, the HIDS work unsupervised and report critical events to an Administrator and the Administrator guarantees that the HIDS is up-to-date.

There exist also the combination of NIDS and HIDS. This is called NNIDS which stands for Network Node Intrusion Detection System.

"Overview NIDS" is mentioned on: SANA | SANA-Project in Detail | SANA_AIS
Printable Version
VeryQuickWiki - HTML Export
Version: 2.7.1 (UniLux: 1.15.0 2006-01-19)
Modified: 2006-03-22 16:11:04
Exported: 2012-02-09 01:31:35