Abstract
[Superseded by NIST SP 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS),
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50951] Intrusion detection systems (IDSs) are software or hardware systems that automate the process of monitoring the events occurring in a computer system or network, analyzing them for signs of security problems. As network attacks have increased in number and severity over the past few years, intrusion detection systems have become a necessary addition to the security infrastructure of most organizations. This guidance document is intended as a primer in intrusion detection , developed for those who need to understand what security goals intrusion detection mechanisms serve, how to select and configure intrusion detection systems for their specific system and network environments, how to manage the output of intrusion detection systems, and how integrate intrusion detection functions with the rest of the organizational security infrastructure.