Page 246

The University of SydneyPage 52Intrusion detection systems–packet filtering:–operates on TCP/IP headers only–no correlation check among sessions –IDS: intrusion detection system–deep packet inspection:look at packet contents (e.g., check character strings in packet against database of known virus, attack strings)–examine correlationamong multiple packets•port scanning•network mapping•DoS attack