What Is Intruder Detection?

In computing, intruder detection is a term used to describe the various security strategies used to keep a computer network protected from access and use by unauthorized parties. Sometimes referred to as intrusion detection, the idea of these fail-safe measures is not only to protect the network from illegal access and use from outside, but also to prevent security breaches from occurring within the network itself. In order to achieve the desired level of protection, a combination of resources will be used to keep the network secure at all times.

One of the key resources used in an intruder detection system is the ability to restrict access to different information housed in the servers and computer hard drives that are part of the network. This process begins with the assigning of access rights to authorized employees. Many programs allow administrators to assign various levels of rights, based on the work responsibilities of the individual. For example, a salesperson may be able to access billing information connected with his or her clients, but not be able to access that same data for customers assigned to other salespeople. In like manner, a department manager may have ready access to any information relevant to the operation of his or her duties, but not be able to access information that is associated with other departments.

Along with protecting access to data by means of access codes, passwords and even a series of qualifying questions, other methods to verify the identity of the individual attempting to access the network may be necessary. Technology to allow for retina scans or fingerprint readings are often used in high-security facilities. In the event that an attempt by an outsider is made to illegally access the network, security protocols normally call for locking out the attempt and alerting personnel within the organization to take appropriate action, including locating the origin of the breach attempt and reporting it to the proper authorities. Methods such as key monitoring to record and analyze the keystrokes used or event consideration of the ports of entry utilized to enter the system are also common with this type of intruder detection approach.

The general concept of intruder detection is to utilize a series of different strategies that prevent the unauthorized access to proprietary information housed on the network. Typically, the security protocols will identify attempts and stop them before there is any actual breach. Even when those protocols are somehow evaded, additional security features monitor and record activity as it is underway, quickly flagging anything that seems to be outside the scope of actions normally associated with the credentials used. As hackers have developed new methods of breaking into networks, the methods employed as part of the intruder detection initiate have also become more comprehensive, helping to maintain the integrity of data and protect the interests of the individuals or companies that own and operate the network.