Class: sec:IntrusionDetectionSystem

Not all IDS prevent but all detect.

•owl:Thing
        •sec:Countermeasure
                •sec:Monitoring
                        •sec:IntrusionDetectionSystem

Super Classes

sec:protects SOME sec:_Integrity
sec:protects SOME sec:_Confidentiality
sec:protects SOME sec:_Technology
sec:protects ONLY ((sec:_Prevention OR sec:_DetectionAND (sec:_Confidentiality OR sec:_Integrity OR sec:_AvailabilityAND sec:_Technology)
sec:protects SOME sec:_Detection
sec:Monitoring
sec:protects SOME sec:_Availability

Annotations

dc:descriptionSubdivisions according to Debar, Dacier, Wespi "Towards a taxonomy of IDS" An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system. (Webopedia) Further subclasses could be developed from http://www.sans.org/resources/idfaq/aint.php

Abstract Syntax

Class(sec:IntrusionDetectionSystem partial restriction(sec:protects someValuesFrom(sec:_Integrity))
                                          restriction(sec:protects someValuesFrom(sec:_Confidentiality))
                                          restriction(sec:protects someValuesFrom(sec:_Technology))
                                          restriction(sec:protects allValuesFrom(intersectionOf(unionOf(sec:_Prevention
                                                                                                        sec:_Detection)
                                                                                                unionOf(sec:_Confidentiality
                                                                                                        sec:_Integrity
                                                                                                        sec:_Availability)
                                                                                                sec:_Technology)))
                                          restriction(sec:protects someValuesFrom(sec:_Detection))
                                          sec:Monitoring
                                          restriction(sec:protects someValuesFrom(sec:_Availability)))

Usage

Class Description/Definition (Necessary Conditions)

sec:ByAuditSourceLocation, sec:ByBehaviourOnDetection, sec:ByDetectionMethod, sec:ByUsageFrequency
Generated with OWLDoc