Host-Based ID

nouncandidate·updated May 12, 2026

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. This analysis of the audit trail imposes potentially significant overhead requirements on the system because of the increased amount of processing power which must be utilized by the intrusion detection system. Depending on the size of the audit trail and the processing ability of the system, the review of audit data could result in the loss of a real-time analysis capability.

MWE

Classifications

per-axis with provenance

Entity Type

Capability0%rule-basedmulti_axis_classifier_low_confidence.v1

?unassignedlast reviewed —

Sensitivity

—85%llm-generatedllm:claude-haiku-4-5

?unassignedlast reviewed —

Information Class

—90%llm-generatedllm:claude-haiku-4-5

?unassignedlast reviewed —

Variants

3 surface forms

plural: Host-Based IDS
possessive: Host-Based ID's
pluralpossessive: Host-Based IDS'

Continue to:Dictionary →How is this term used per framework?Thesaurus →How does this term relate to other terms?Universal →Everything in one page.