IT Governance, Risk, and Compliance

Dec 1 2012   12:09AM GMT

Network Infrastructure Security: Intrusion Detection Systems – Part IV

Robert Davis

As suggested in the aforementioned paragraph, depending on the developer, an entity-deployed IDS can have a variety of components and features. However, IDS functionality commonly includes sensors for detecting data, analyzers for evaluating data, panels for monitoring activities, and user interfaces for manipulating configuration settings. Collected IDS items can take the form of packets, system audit records, computed hash values, and other data formats. Procedurally, analyzers receive input from sensors and determine whether intrusive activity has occurred.

The misuse detection model is based on the hypothesis that known exploits of vulnerabilities can be described by attack signatures or patterns; therefore, IT attacks can be revealed through identifiable patterns. Malicious misuse encompasses reading, modification, and destruction of data. Misuse detection systems normally compare gathered information to large databases of attack signatures for internal perpetrator identification. There is typically a high degree of certainty that signature-based intrusion detection models will recognize exact replications of an attack pattern; however, slight variations in a data-based attack pattern may escape discovery.
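
The signature comparison described above, as an added example that is not part of the original post: a minimal analyzer matches constructed sensor records against a two-entry signature database, showing an exact pattern being recognized, a percent-encoded variant of the same request escaping, and normalization before matching closing that gap. The signature names, patterns, and records are assumptions made for illustration, not entries from any real IDS ruleset.

```python
import re
from urllib.parse import unquote

# Constructed signature database: name -> pattern (illustrative only).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./\.\./"),
    "passwd-read": re.compile(r"/etc/passwd"),
}

# Constructed sensor records (HTTP request lines as a sensor might collect them).
EVENTS = [
    "GET /index.html HTTP/1.1",                          # benign
    "GET /view?file=../../etc/passwd HTTP/1.1",          # exact pattern replication
    "GET /view?file=..%2f..%2fetc%2fpasswd HTTP/1.1",    # slight variation (encoded)
]


def normalize(record):
    """Collapse encoded variants to one canonical form before matching."""
    previous = None
    # Decode repeatedly so that nested percent-encoding is also unwrapped.
    while previous != record:
        previous, record = record, unquote(record)
    return record.lower()


def analyze(record, normalized=False):
    """Return the sorted names of all signatures that match one sensor record."""
    data = normalize(record) if normalized else record
    return sorted(name for name, pattern in SIGNATURES.items() if pattern.search(data))


def run(events, normalized=False):
    """Analyzer pass over a batch of sensor records."""
    return {event: analyze(event, normalized) for event in events}


if __name__ == "__main__":
    for label, flag in (("raw matching", False), ("normalized matching", True)):
        print(label)
        for event, hits in run(EVENTS, flag).items():
            print(f"  {hits or 'no alert'}: {event}")
```

With raw matching the third record produces no alert even though it requests the same resource as the second; with normalization both records raise the same two signatures.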


Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Raleigh:, 2010.
