Host=based Intrusion Detection Systems

nounid 2736·updated May 9, 2026

candidate

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the Operating System. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks.

MWE

Classifications

per-axis with provenance

Entity Type

Capability92%llm-generatedllm:claude-haiku-4-5

Sensitivity

unclassified

Information Class

unclassified

Variants

4 surface forms

acronym: IDS
plural: Host=based Intrusion Detection Systemses
possessive: Host=based Intrusion Detection Systems's
pluralpossessive: Host=based Intrusion Detection Systemses'

Framework definitions

3 senses across 3 frameworks

NISTIR 7298: Glossary of Key Information Security Terms, Revision 21 senseview framework →

§1: IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the Operating System. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks.

CNSSI-4009 (Glossary of Information Assurance Terms)1 senseview framework →

§1: IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the Operating System. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks.

NIST SP 800-361 senseview framework →

§1: IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the Operating System. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks.

Outgoing relationships

term as subject — 0 triples

No outgoing triples

This term is not the subject of any RDF-style relationship yet.

Incoming relationships

term as object — 0 triples

No incoming triples

No other term currently asserts a relationship to this one.