Target-based intrusion detection is a process by which the detection engine customizes its behavior based on the characteristics of the target of an attack. For example, it does not make sense for an IDS to treat an Apache Web server on FreeBSD 7.0 the same as an IIS Web server on Windows Server 2003 when an intruder attacks it. Ideally the IDS would understand the differences in the two computer's network stacks and other features affecting detection choices. Snort indeed supports various forms of target-based intrusion detection techniques, and the tool is a leader in this respect.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.