Intrusion Detection
A hardware or software function that gathers and analyzes information from various areas within a computer or a network to identify possible security intrusions.
Cyber Criminals
Individuals or members of organized crime groups with a goal of financial reward, engaging in activities such as identity theft and data ransoming.
Hacktivists
Individuals or groups motivated by social or political causes, often aimed at promoting their cause through website defacement or denial of service attacks.
Advanced Persistent Threats (APTs)
Groups of hackers sponsored by governments to conduct espionage or sabotage activities.
Script-kiddies
Hackers with minimal technical skill who primarily use existing attack toolkits.
Host-Based IDS (HIDS)
Monitors the characteristics of a single host for suspicious activity.
Network-Based IDS (NIDS)
Monitors network traffic and analyzes protocols to identify suspicious activity.
Anomaly Detection
Involves the collection of data relating to the behavior of legitimate users to determine if current behavior indicates an intruder.
Signature Detection
Involves matching known patterns of malicious data against data stored on a system or in transit over a network.
Buffer Overflow Vulnerabilities
Flaws in a program that allow a hacker to manipulate memory allocation, often exploited by classic hackers.
Privilege Escalation
A tactic used by intruders to gain higher access rights within a system after initial access.
Data Sources and Sensors
Fundamental components of intrusion detection that collect data from various sources like system call traces and log files.
Denial of Service (DoS) attacks
Attacks intended to disrupt the normal functionality of a network service, making it unavailable to its intended users.
Intrusion Detection System (IDS)
Comprises three logical components: sensors that collect data, analyzers that determine if an intrusion has occurred, and a user interface to view output.
Network Traffic
Data packets transmitted over a network that are analyzed by NIDS to detect suspicious activity.
Exploits
Vulnerabilities in a system that can be exploited by intruders for unauthorized access or damage.
Data Ransoming
A method used by cyber criminals where sensitive data is held hostage until a ransom is paid.
Covering tracks
The behavior of intruders aimed at erasing or hiding their activities and presence in a system after a successful attack.