Fundamental Types of IDS Systems
Known Attack (Signature) Detection
- Looks for signatures of known attacks, stored in IDS database.
Anomalous Behavior Detection
- Learns usage and behavior patterns, and looks for users who deviate from these patterns.
(Both of these are applicable for both network and host level IDS.)