Extrusion detection
Encyclopedia
Extrusion detection or outbound intrusion detection is a branch of intrusion detection
Intrusion detection
In Information Security, intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. When Intrusion detection takes a preventive measure without direct human intervention, then it becomes an Intrusion-prevention...

 aimed at developing mechanisms to identify successful and unsuccessful attempts to use the resources of a computer system to compromise other systems. Extrusion detection techniques focus primarily on the analysis of system activity and outbound traffic in order to detect malicious users, malware
Malware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...

 or network traffic that may pose a threat to the security of neighboring systems.

While intrusion detection is mostly concerned about the identification of incoming attacks (intrusion attempts), extrusion detection systems try to prevent attacks from being launched in the first place. They implement monitoring controls at leaf nodes of the network -- rather than concentrating them at choke points, e.g., routers -- in order to distribute the inspection workload and to take advantage of the visibility a system has of its own state. The ultimate goal of extrusion detection is to identify attack attempts launched from an already compromised system in order to prevent them from reaching their target, hereby containing the impact of the threat.

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK