Term:IDS - Host-Based

From FISMApedia
Jump to: navigation, search

NIST IR 7298

IDS - Host-Based - IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the Operating System. Furthermore, unlike network-based IDSs, host-based IDSs can more readily "see" the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks. SOURCE: SP 800-36