Anomaly detection involves actual software that works to detect intrusion attempts and notify the administrator. The system looks for any anomalous behavior. Any activity that does not match the pattern of normal user access is noted. Go to Google.com and search for information on how anomaly detection works and then answer the question: How does the IDS define normal use? A good place to find information about IDS system types is http://infosecuritymag.techtarget.com/articles/august01/cover.shtml.
The post Anomaly detection appeared first on Template.