Intrusion Detection System

An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms.

ID: d3f:IntrusionDetectionSystem
Type:

Informational References

https://d3fend.mitre.org/dao/artifact/d3f:IntrusionDetectionSystem/

D3FEND Techniques

Name Description

SPARTA Countermeasures

ID Name Description