Abstract
Pervasive healthcare systems, smart grids, and unmanned aircraft systems are examples of Cyber-Physical Systems (CPSs) that have become highly integrated in the modern world. As this integration deepens, the importance of securing these systems increases. In order to identify gaps and propose research directions in CPS intrusion detection research, we survey the literature of this area. Our approach is to classify modern CPS Intrusion Detection System (IDS) techniques based on two design dimensions: detection technique and audit material. We summarize advantages and drawbacks of each dimension’s options. We also summarize the most and least studied CPS IDS techniques in the literature and provide insight on the effectiveness of IDS techniques as they apply to CPSs. Finally, we identify gaps in CPS IDS research and suggest future research areas.
Index Terms
- A survey of intrusion detection techniques for cyber-physical systems