Host-Based Intrusion Detection System

What Does Host-Based Intrusion Detection System Mean?

A host-based intrusion detection system (HIDS) is a system that monitors a computer system on which it is installed to detect an intrusion and/or misuse, and responds by logging the activity and notifying the designated authority. A HIDS can be thought of as an agent that monitors and analyzes whether anything or anyone, whether internal or external, has circumvented the system’s security policy.


Techopedia Explains Host-Based Intrusion Detection System

An intrusion detection system (IDS) is a software application that analyzes a network for malicious activities or policy violations and forwards a report to the management. An IDS is used to make security personnel aware of packets entering and leaving the monitored network. There are two general types of systems: a host-based IDS (HIDS) and a network-based IDS (NIDS).

A NIDS is often a standalone hardware appliance that includes network detection capabilities. It will usually consist of hardware sensors located at various points along the network. It may also consist of software that is installed on various computers connected along the network. The NIDS analyzes data packets both inbound and outbound and offer real-time detection.

A HIDS analyzes the traffic to and from the specific computer on which the intrusion detection software is installed. A host-based system also has the ability to monitor key system files and any attempt to overwrite these files.

However, depending on the size of the network, either HIDS or NIDS is deployed. For instance, if the size of the network is small, then NIDS is usually cheaper to implement and it requires less administration and training than HIDS. However, a HIDS is generally more versatile than a NIDS.


Related Terms

Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.