Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A host-based intrusion prevention system (HIPS) is a system or a program employed to protect critical computer systems containing crucial data against viruses and other Internet malware. Starting from the network layer all the way up to the application layer, HIPS protects from known and unknown malicious attacks. HIPS regularly checks the characteristics of a single host and the various events that occur within the host for suspicious activities.
HIPS can be implemented on various types of machines, including servers, workstations, and computers.
A HIPS uses a database of system objects monitored to identify intrusions by analyzing system calls, application logs, and file-system modifications (binaries, password files, capability databases, and access control lists). For every object in question, the HIPS remembers each object's attributes and creates a checksum for the contents. This information gets stored in a secure database for later comparison.
The system also checks whether appropriate regions of memory have not been modified. Generally, it does not use virus patterns to detect malicious software but rather keeps a list of trusted programs. A program that oversteps its permissions is blocked from carrying out unapproved actions.
A HIPS has numerous advantages. First and foremost, enterprise and home users have increased protection from unknown malicious attacks. HIPS uses a peculiar prevention system that has a better chance of stopping such attacks as compared to traditional protective measures. Another benefit of using such system is the need to run and manage multiple security applications to protect PCs, such as anti-virus, anti-spyware, and firewalls.