For decades, IDS technology has strived to provide effective and integrated intrusion quality control, and it is now experiencing success with the arrival of cloud computing.
The IDS journey began 30 years ago, when increased access to the corporate network created a new problem: the need for user access and user control. As operations on shared information systems grew, defined levels of access to these systems and clear visibility of user activity became necessary to keep operations secure and protected.
Initial progress in IDS was made within the US Air Force. In 1980, James P. Anderson, who laid the foundations of information security and was a member of the US Air Force "Defense Science Board Task Force on Computer Security", produced "Computer Security Threat Monitoring and Surveillance," a report often credited with introducing the IDS mechanism. Later, the first form of IDS was created, built on the same methods used by antivirus applications: it scans network traffic and compares it to a list of known threats.
As networks grew, system administrators around the world began to adopt intrusion detection systems in spite of their problems. First, such a system gives information only on the known issues and threats that have been listed for alerting. Second, continuously scanning and updating the list was difficult with limited resources.
A new method in the 1990s, named anomaly detection, helped to identify unusual behavioral patterns on the network and provided alerts for any identified abnormalities. This IDS technology helped in building advanced networks that decreased network attacks.
Unfortunately, networks of this type produced a large number of false positives, and many administrators came to believe that this kind of IDS was unsafe, so its usage decreased.
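The two approaches described above can be contrasted in a short added example (not code from the original article). The signature list, baseline volumes, traffic records and the 3-standard-deviation threshold are all constructed assumptions; it shows a list of known threats missing an unlisted one, and anomaly detection catching it while also raising a false positive on a benign backup.

```python
from statistics import mean, stdev

# Constructed signature list: markers standing in for known-threat patterns.
SIGNATURES = {"sig-001": b"KNOWN-BAD-MARKER-A", "sig-002": b"KNOWN-BAD-MARKER-B"}

# Constructed baseline: bytes sent per minute by one host during normal operation.
BASELINE = [980, 1020, 1010, 995, 1005, 990, 1015, 1000]

# Constructed traffic: (label, payload, bytes sent in that minute).
TRAFFIC = [
    ("normal request", b"GET /index.html", 1003),
    ("listed threat", b"data KNOWN-BAD-MARKER-A data", 1008),
    ("unlisted threat", b"payload not on any list", 9500),
    ("nightly backup", b"backup chunk", 8700),
]

def signature_alerts(payload):
    """Return the ids of every signature whose pattern occurs in the payload."""
    return sorted(sid for sid, pat in SIGNATURES.items() if pat in payload)

def anomaly_score(volume, baseline=BASELINE):
    """Distance of this volume from the baseline mean, in standard deviations."""
    return abs(volume - mean(baseline)) / stdev(baseline)

def classify(traffic=TRAFFIC, threshold=3.0):
    """Run both detectors over each record; return {label: (sig_hit, anomaly_hit)}."""
    return {
        label: (bool(signature_alerts(payload)), anomaly_score(volume) > threshold)
        for label, payload, volume in traffic
    }

if __name__ == "__main__":
    for label, (sig_hit, anomaly_hit) in classify().items():
        print(f"{label:16} signature={sig_hit!s:5} anomaly={anomaly_hit}")
```

The "nightly backup" record is the false positive: it is legitimate, but its volume deviates from the baseline as much as the unlisted threat does.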
However, cloud computing has created a new link to IDS systems and has suddenly increased the usage of IDS. IDS has been redesigned to detect attacks that may occur despite preventive measures. Cloud security in particular is so complex that it cannot be monitored manually. In fact, IDS is now one of the best-selling security technologies and is expected to continue to gain momentum.
Big data also plays an important role in the growth and importance of intrusion detection today. The world's data is doubling every 20 months, and as cloud-hosted databases expand dramatically, it is no wonder that IDS is more important than ever.
IDS are classified into two types based on their location of detection:
1. Network Intrusion Detection System (NIDS): detects the threats and malicious activities that occur in the network.
2. Host Intrusion Detection System (HIDS): detects the threats and malicious activities on the computing system.