Jump to content

Extrusion detection

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Bluebot (talk | contribs) at 14:16, 4 November 2006 (tagging, added uncategorised tag). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Extrusion Detection is a branch of Intrusion Detection aimed at developing mechanisms to identify successful and unsuccessful attempts to use the resources of a computer system to compromise other systems. Extrusion Detection techniques focus primarily on the analysis of system activity and outbound traffic in order to detect malicious users, malware or network packets that may pose a threat to the security of neighboring systems.

While Intrusion Detection is mostly concerned about the identification of incoming attacks (intrusion attempts), Extrusion Detection systems try to prevent attacks from being launched from a system in the first place. They implement monitoring controls at leaf nodes of the network -- rather than concentrating them at choke points, e.g., routers -- in order to distribute the inspection workload and to take advantage of the visibility a system has of its own. The ultimate goal of Extrusion Detection is to identify attack attempts launched from internal systems in order to prevent them from reaching their target.

Extrusion Detection is also known as Outbound Intrusion Detection.

1. "Extrusion Detection: Security Monitoring for Internal Intrusions"
2. "Stopping Spam by Extrusion Detection"
3. "Outbound Intrusion Detection"

Retrieved from "https://en.wikipedia.org/w/index.php?title=Extrusion_detection&oldid=85661545"