[WEBINAR] Bulletproof: How Today's Business Leaders Stay on Top

Intrusion Signature

Definition - What does Intrusion Signature mean?

An intrusion signature is a kind of footprint left behind by perpetrators of a malicious attack on a computer network or system. Each intrusion signature is different, but they may appear in the form of evidence such as records of failed logins, unauthorized software executions, unauthorized file or directory access, or improper use of administrative privileges.

Techopedia explains Intrusion Signature

Intrusion signatures are recorded and logged by intrusion detection systems and studied and documented by system administrators who can often configure or modify the system to prevent the same attack from happening again, thus strengthening security against future attacks. System administrators may be able to determine such investigative information about how and when the intrusion was executed and the skill level of the perpetrator.

Most intrusion detection systems use one of the following detections methods:

  • Signature-based detection
  • Statistical anomaly-based detection
  • Stateful protocol analysis detection

By recording and logging intrusion signatures in a database, the signature-based detection method monitors network traffic in search of signature matches. When these are found, the detection system takes the appropriate action.

Two types of intrusion signatures are commonly used

  • Exploit based
  • Vulnerability based

Intrusion detection systems use the former to analyze patterns previously recorded and protect against repetitions; they use the latter by analyzing vulnerabilities in a program, the program’s executions and the conditions needed to exploit those vulnerabilities.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.