入侵检测(Intrusion Detection)是对网络入侵行为的检测,通过收集和分析网络行为、审计数据、安全日志等信息,来检查网络和系统中是否存在违反安全策略的行为,入侵检测在网络受到危害之前拦截和响应入侵,作为一种积极主动的防护技术,提供了对外部攻击、内部攻击和误操作的实时保护,因此网络从业人员认为这是防火墙之后的第二道闸门。%Intrusion detection (Detection Intrusion)is the detection of network intrusion behavior.Intrusion de-tection can be obtained by collecting and analyzing network behavior,audit data,security logs,and other in-formation that can be obtained from other networks,Intrusion detection in the network before the damage and response to intrusion.As a kind of active protection technology,it provides real-time protection against external attacks,internal attacks and false operation,so it is considered as the second gate after firewall.
展开▼