Application protocol-based intrusion detection system
 | The topic of this article may not meet Wikipedia's general notability guideline. (April 2012) |
An application protocol-based intrusion detection system (APIDS) is an intrusion detection system that focuses its monitoring and analysis on a specific application protocol or protocols in use by the computing system.[1]
Overview
An APIDS will monitor the dynamic behavior and state of the protocol and will typically consist of a system or agent that would typically sit between a process, or group of servers, monitoring and analyzing the application protocol between two connected devices.
A typical place for an APIDS would be between a web server and the database management system, monitoring the SQL protocol specific to the middleware/business logic as it interacts with the database.[2]
Monitoring dynamic behavior
At a basic level an APIDS would look for, and enforce, the correct (legal) use of the protocol.
However at a more advanced level the APIDS can learn, be taught or even reduce what is often an infinite protocol set, to an acceptable understanding of the subset of that application protocol that is used by the application being monitored/protected.
Thus, an APIDS, correctly configured, will allow an application to be "fingerprinted", thus should that application be subverted or changed, so will the fingerprint change.
See also
References
- ^ "6 Types of Intrusion Detection System". internationalsecurityjournal.com. 2024-04-01. Retrieved 2024-07-09.
- ^ "What is an Intrusion Detection System (IDS)? | IBM". www.ibm.com. 2023-04-19. Retrieved 2024-07-09.
 | This article related to a type of software is a stub. You can help Wikipedia by adding missing information. |
 | This security software article is a stub. You can help Wikipedia by adding missing information. |
Content Disclaimer
Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.
- The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
- There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
- It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
- Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
- Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.