Analysis of intrusion detection systems

With the development of information technologies, the amount of vulnerabilities and threats to various data processing systems is increasing, therefore specialized means of security are required to ensure their normal operation and to prevent intrusions, and a promising area that is actively developing in the field of information security is the detection of cyber attacks and the prevention of intrusions in information systems from the unauthorized side. In order to detect network intrusions there are used modern methods, models, tools and complex technical solutions for intrusion detection and prevention systems, which can remain effective when new or modified types of cyber threats appear. Therefore, there was conducted a generalized analysis of the intrusion detection systems software based on a certain basic set of characteristics («Cyber Attack Class», «Adaptability», «Detection Methods», «System Control», «Scalability», «Observation Level», «Reaction to Cyber Attack», «Security» and «Operating System Support»). It will give certain opportunities for choosing such tools and for developing the most effective security mechanisms during cyber attacks.