stackoom
  简体   繁体   中英

What is the difference between signature and anomaly based IDS

 原文  2022-08-10 11:18:40       security/ snort

Question

I was assigned to work on IDS using snort for my internship project. On my study to understand what IDSs is all about i can't seem to clearly understand the different detection techniques ( Signature based and Anomaly Based)

1 answers

solution1
 0 ACCPTED  2022-08-10 11:30:33

I would suggest to read the following article, it is short and comprehensible:

https://www.n-able.com/blog/intrusion-detection-system

For short:

Signature-based detection scans for known/similar threats stored in a database. Anomaly-based detection analyses traffic etc. and finds "anomalies" via algorithmns.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question What is the difference between a “nonce” and a “GUID”? What is difference between TinyDTLS and DTLS What is the difference between JAAS and JAAP? What is the difference between a countermeasure and a control? What is the difference between CORS and CSPs? What is the difference between NHTTP and HTTP? What is the difference between AuthenticateRequest and AuthorizeRequest Technical difference between session and token based auth What is the difference between metamorphic and polymorphic code? What is the difference between basic authentication and cryptographic authentication?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM