An intrusion detection system (ids) is a software application or a device
which is used to monitor system or network activities for malicious activity
or policy violation. As the internet and networks have become more pervasive to intrusion events, organizations implement various systems to implement security breaches. The main goal of intrusion detection is to monitor network assets to detect anomalous behavior and any misuse in network.
IDS can be classified into three types:
A) Host based IDS
B) Network based IDS C) Hybrid based IDS
Host based IDS
This is placed on a server or a workstation, where the data collected from different sources are analyzed locally to the machine. Host IDS and software applications installed on workstations which are to be monitored. The agent monitors and write data to log files or trigger alarms. A HIDS only monitors individual workstations on which it is installed.