| Not all IDS prevent but all detect. |
| •owl:Thing |
| •Asset |
| •Countermeasure |
| •Monitoring |
| •IntrusionDetectionSystem |
| •Countermeasure |
| •Monitoring |
| •IntrusionDetectionSystem |
| protects SOME _Integrity |
| protects SOME _Availability |
| protects ONLY ((_Prevention OR _Detection) AND (_Confidentiality OR _Integrity OR _Availability) AND _Technology) |
| protects SOME _Technology |
| protects SOME _Detection |
| Monitoring |
| protects SOME _Confidentiality |
| dc:description | Subdivisions according to Debar, Dacier, Wespi "Towards a taxonomy of IDS" An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system. (Webopedia) Further subclasses could be developed from http://www.sans.org/resources/idfaq/aint.php |
Class(IntrusionDetectionSystem partial restriction(protects someValuesFrom(_Integrity))
restriction(protects someValuesFrom(_Availability))
restriction(protects allValuesFrom(intersectionOf(unionOf(_Prevention
_Detection)
unionOf(_Confidentiality
_Integrity
_Availability)
_Technology)))
restriction(protects someValuesFrom(_Technology))
restriction(protects someValuesFrom(_Detection))
Monitoring
restriction(protects someValuesFrom(_Confidentiality)))