The creation, processing, distribution, and management of Intrusion Detection/Prevention System rulesets

by Mike Richter Oct. 1, 2017 via Infosecwriters

In modern society, network-based computer systems are a core component of almost any form of business, research, or social undertaking. These systems contain sensitive data that ranges from family histories to medical records to vital financial data that serves as the lifeblood of modern society. Due to the sensitivity of the data stored on these networks, the primary goal of information and network security is to protect and secure this data. Much of this data is located in private networks that are attached to the public internet. Malicious actors will use a wide variety of methods to gain access to these private networks and the valuable data they contain. Therefore, it is crucial to detect any unauthorized intrusions into these private networks from the public networks. The systems that detect and prevent these intrusions, Intrusion Detection and Prevention Systems, and more specifically the rules that govern them, are the focus of this paper.