An IDS has many components, such as sensors that generate security events, a console that controls the sensors and views events, and a central engine that records the activity seen by the sensors in a database.
Additional terms:
Alert/Alarm- A signal suggesting a system has been or is being attacked [1].
True attack stimulus- An event that triggers an IDS to produce an alarm and react as though a real attack were in progress.
False attack stimulus- The event signaling an IDS to produce an alarm when no attack has taken place.
False (False Positive)- An alert or alarm that is triggered when no actual attack has taken place.
False negative- A failure of an IDS to detect an actual attack.
Noise- Data or interference that can trigger a false positive.
Site policy- Guidelines within an organization that control the rules and configurations of an IDS [1].
Site policy awareness- The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity.
Confidence value- A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack.
Alarm filtering- The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks.
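The sketch below is an added example, not code from the original post. It ties the terms above together: a sensor generates events, a central engine records them in a database, and alarm filtering uses a site policy to separate noise from attacks. The log line format, the addresses, the ground-truth labels and the `SITE_POLICY` structure are all constructed assumptions.

```python
import re
import sqlite3

SIGNATURE = re.compile(r"Failed password for (\S+) from (\S+)")

# Constructed sample input: (log line, ground truth "was this a real attack?").
SAMPLE = [
    ("Failed password for root from 203.0.113.7", True),
    ("Failed password for backup from 10.0.0.5", False),      # noise: stale cron credential
    ("Failed password for alice from 192.0.2.44", False),     # user typo
    ("Accepted password for admin from 198.51.100.9", True),  # stolen password, no signature
    ("Accepted password for alice from 192.0.2.44", False),
]

# Hypothetical site policy: sources known to produce noise.
SITE_POLICY = {"noise_sources": {"10.0.0.5"}}

def sensor(line):
    """Sensor: turn a raw log line into a security event, or None."""
    m = SIGNATURE.search(line)
    return {"user": m.group(1), "src": m.group(2)} if m else None

def alarm_filter(event, policy):
    """Alarm filtering: categorize an alert using the site policy."""
    return "noise" if event["src"] in policy["noise_sources"] else "attack"

def run_engine(sample, policy):
    """Central engine: record sensor events in a database, then score them."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events (user TEXT, src TEXT, category TEXT)")
    stats = {"true_positive": 0, "false_positive": 0, "false_negative": 0}
    for line, is_attack in sample:
        event = sensor(line)
        if event is None:
            stats["false_negative"] += is_attack  # real attack, no alert raised
            continue
        category = alarm_filter(event, policy)
        db.execute("INSERT INTO events VALUES (?, ?, ?)",
                   (event["user"], event["src"], category))
        if category == "attack":
            stats["true_positive" if is_attack else "false_positive"] += 1
        else:
            stats["false_negative"] += is_attack  # real attack filtered as noise
    return db, stats

if __name__ == "__main__":
    db, stats = run_engine(SAMPLE, SITE_POLICY)
    print(db.execute("SELECT * FROM events").fetchall())  # what the console would show
    print(stats)
```

The filter removes the noisy source but cannot help with the user typo (a remaining false positive) or the login with a stolen password (a false negative the signature never sees).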
- What Is an IDS (Intrusion Detection System)
Fatkhan
On Wednesday, 17 February 2010