intrusion signatureRecorded evidence of a system intrusion, typically as part of an intrusion detection system (IDS). When a malicious attack is launched against a system, the attack typically leaves evidence of the intrusion in the system��s logs. Each intrusion leaves a kind of footprint behind (e.g., unauthorized software executions, failed logins, misuse of administrative privileges, file and directory access) that administrators can document and use to prevent the same attacks in the future. By keeping tables of intrusion signatures and instructing devices in the IDS to look for the intrusion signatures, a system��s security is strengthened against malicious attacks.
Because each signature is different, it is possible for system administrators to determine by looking at the intrusion signature what the intrusion was, how and when it was perpetrated, and even how skilled the intruder is.
Stay up to date on the latest developments in Internet terminology with a free weekly newsletter from Webopedia. Join to subscribe now.
Webopedia's student apps roundup will help you to better organize your class schedule and stay on top of assignments and homework. Read More »List of Free Shorten URL Services
A URL shortener is a way to make a long Web address shorter. Try this list of free services. Read More »Top 10 Tech Terms of 2015
The most popular Webopedia definitions of 2015. Read More »
The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers. Use this handy guide to compare... Read More »Computer Architecture Study Guide
This Webopedia study guide describes the different parts of a computer system and their relations. Read More »What Are Network Topologies?
Network Topology refers to layout of a network. How different nodes in a network are connected to each other and how they communicate is... Read More »