Not all IDS prevent but all detect. |
•owl:Thing |
•Asset |
•Countermeasure |
•Monitoring |
•IntrusionDetectionSystem |
•Countermeasure |
•Monitoring |
•IntrusionDetectionSystem |
protects SOME _Integrity |
protects SOME _Availability |
protects ONLY ((_Prevention OR _Detection) AND (_Confidentiality OR _Integrity OR _Availability) AND _Technology) |
protects SOME _Technology |
protects SOME _Detection |
Monitoring |
protects SOME _Confidentiality |
dc:description | Subdivisions according to Debar, Dacier, Wespi "Towards a taxonomy of IDS" An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system. (Webopedia) Further subclasses could be developed from http://www.sans.org/resources/idfaq/aint.php |
Class(IntrusionDetectionSystem partial restriction(protects someValuesFrom(_Integrity)) restriction(protects someValuesFrom(_Availability)) restriction(protects allValuesFrom(intersectionOf(unionOf(_Prevention _Detection) unionOf(_Confidentiality _Integrity _Availability) _Technology))) restriction(protects someValuesFrom(_Technology)) restriction(protects someValuesFrom(_Detection)) Monitoring restriction(protects someValuesFrom(_Confidentiality)))