By:Victoria Gonzalez
An intrusion detection system (IDS) alerts an organization if any malicious activity is detected within their systems. There are five types of an IDS. I will be going over the five types of an IDS within the next section.
The first type of IDS is Network intrusion detection systems (NIDS) which monitors traffic through various sensors which helps the system monitor traffic through sensor points. NIDS can be modified by adding your own rules to the engine system and with many NIDS, you could import those into the system at your own convenience and soon be able to create your own rules.
The next type of IDS is Host intrusion detection systems (HIDS) which is placed on devices directly to monitor traffic. HIDS needs to include a control module if you don't want to have to login each time you need to get feedback.
The third type of IDS is Protocol-based intrusion detection systems (PIDS) which is a protocol-based IDS that monitors traffic flowing from devices. In the picture you can see that PIDS is monitoring traffic flowing from difference places.
The fourth is the Application protocol-based intrusion detection systems (APIDS) which is like PIDS, however, the difference is that this system monitors traffic across a group of servers instead of just one.
The fifth type of IDS is the hybrid intrusion detection systems which is a hybrid of the previous systems that cover multiple systems in one interface.
There are many different types of Intrusion Detection Systems (IDS) that are out there to help protect you and your software. The most important out of the categories listed above would be HIDS and NIDS. The IDS sends an alert to the security team, so they can investigate and solve the problem. The main goal of an IDS is to track any abnormalities before hackers can complete their objective within the system along with detect what resources the attackers may have wanted to access, how did they get past security controls, and what type of cyberattacks did they initiate. The pros of HIDS are that it offers an excellent line of defense if NIDS fails to detect a breach in the network, it is far cheaper than setting up a NIDS, it is better at analyzing encrypted traffic than NIDS, and more. The pros involving having NIDS would that it would provide IDS security along the entire network, cover parts of the network where the traffic is most vulnerable, secure and hide from intruders, and more. Overall, having an Intrusion Detection System would work best when it comes to preventing hackers from attacking your software.
IDS vs. IPS: What Organizations Need to Know by Ledesma, Josue. Published on Varonis, June 30, 2022."IDS vs. IPS: What Organizations Need to Know"
Intrusion Detection Systems Explained: 14 Best IDS Software Tools Reviewed by Cooper, Stephen. Published on comparitech, May 6 2022."Intrusion Detection Systems Explained: 14 Best IDS Software Tools Reviewed"
What is an Intrusion Detection System? by Velimirovic, Andreja. Published on PhoneixNAP, September 2 2021."What Is an Intrusion Detection System?"
"Hybrid of NIDS and HIDS Picture"