I was assigned to work on IDS using Snort for my internship project. In my study to understand what IDSs are all about, I can't seem to clearly understand the different detection techniques (signature-based and anomaly-based).
I would suggest reading the following article; it is short and comprehensible:
https://www.n-able.com/blog/intrusion-detection-system
In short:
Signature-based detection scans for known/similar threats stored in a database. Anomaly-based detection analyses traffic etc. and finds "anomalies" via algorithms.
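
The distinction summarised above, as an added example that is not part of the original answer and is not Snort code: one detector matches payloads against a database of known patterns, the other learns a baseline request rate and flags large deviations. The signature names, patterns, baseline counts and sample events are all constructed for this illustration.

```python
import re
import statistics

# Constructed signature database: id -> pattern of a known-bad payload.
SIGNATURES = {
    "SIG-1 path traversal": re.compile(rb"\.\./\.\./"),
    "SIG-2 script tag": re.compile(rb"<script", re.IGNORECASE),
}

def signature_detect(payload: bytes) -> list:
    """Signature-based: return ids of every known pattern found in the payload."""
    return [sid for sid, pat in SIGNATURES.items() if pat.search(payload)]

class RateAnomalyDetector:
    """Anomaly-based: learn normal requests/minute, flag large deviations."""

    def __init__(self, baseline: list, threshold: float = 3.0):
        self.mean = statistics.mean(baseline)
        self.stdev = statistics.stdev(baseline)
        self.threshold = threshold  # allowed distance in standard deviations

    def score(self, requests_per_minute: int) -> float:
        """Distance from the learned mean, in standard deviations."""
        return (requests_per_minute - self.mean) / self.stdev

    def is_anomaly(self, requests_per_minute: int) -> bool:
        return abs(self.score(requests_per_minute)) > self.threshold

# Constructed training window of normal traffic (requests per minute).
BASELINE_RPM = [18, 22, 20, 19, 21, 23, 17, 20]

# Constructed events: (payload, requests per minute from that source).
EVENTS = [
    (b"GET /index.html HTTP/1.1", 21),                   # benign
    (b"GET /download?f=../../etc/passwd HTTP/1.1", 19),  # known pattern, normal rate
    (b"GET /login HTTP/1.1", 400),                       # no known pattern, abnormal rate
]

def analyse(events=EVENTS) -> list:
    """Run both detectors on each event: (matched signatures, rate anomaly?)."""
    detector = RateAnomalyDetector(BASELINE_RPM)
    return [(signature_detect(p), detector.is_anomaly(rpm)) for p, rpm in events]

if __name__ == "__main__":
    for (payload, rpm), (sigs, anomalous) in zip(EVENTS, analyse()):
        print(payload, rpm, "signatures:", sigs, "anomaly:", anomalous)
```

The second event is caught only by the signature detector and the third only by the anomaly detector, which is why many IDS deployments combine both techniques.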