Can an intrusion detection system be written using Java? If so, what are the risks of using that language? If not,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
what is the best language to use?
A signature-based intrusion detection system is actually quite simple in functionality. The IDS maintains a database of signatures, which correspond to known attacks. The tool then monitors all network traffic, looking for anything that matches those signatures. The true art of intrusion detection lies in creating, maintaining and tuning the signature database over time.
There's no reason that you couldn't implement that functionality in any higher-level programming language, Java included. However, the added overhead inherent in executing platform-independent Java code probably makes it a poor choice for an IDS. You're probably better off with a compiled language.
That said, consider what you're hoping to accomplish by creating your own intrusion detection system. Maintaining the signature database is a difficult task, and you're probably better off going with one of the many quality commercial or open-source systems already available on the market.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.