|
|
|
|
Statistical anomaly-based IDS |
|
Uses thresholds for various types of activities |
|
Pattern matching or signature-based IDS |
|
Uses a set of rules to detect an attack |
|
Content-based and context-based signatures |
|
Cisco host-based and network-based IDS detect
attacks based on signatures and anomalies |