Here is the edited document.
Intrusion detection system
An intrusion detection system (IDS) is a security technique used in networks to detect
vulnerability of computer systems and applications against attacks and compromising the system.
An IDS detects security threats and hence its placed in a path way that is not in the true real time
path way for communication between a receiver and a sender of information in a network
infrastructure. This means that an IDS uses a TAP or SPAN port to tap information passing
through the network infrastructure and analyzes it for security threats.. Hence an IDS is a
listening only device, it does this by monitoring traffic and reporting the results of its analysis to
an administrator as shown in the figure below.
There are several categories of IDS, these are :i.
Misuse detection system – this is where the IDS inspects the information it collects and
contrasts it to attack signature in the database. Therefore it looks for an intruder signature
that has already been documented.
Anomaly detection system – this is where the IDS uses the administrator’s baseline of
normal state of network operation and compares it t...