
Intrusion detection system (IDS)

An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered. While anomaly detection and reporting are the primary functions of an IDS, some intrusion detection systems are capable of taking action when malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious Internet Protocol (IP) addresses.

An IDS can be contrasted with an intrusion prevention system (IPS), which monitors network packets for potentially damaging network traffic, like an IDS, but has the primary goal of preventing threats once detected, as opposed to primarily detecting and recording threats.

How do intrusion detection systems work?

Intrusion detection systems are used to detect anomalies with the aim of catching hackers before they do real damage to a network. IDSes can be either network- or host-based. A host-based i...