Can an intrusion detection system be written using Java? If so, what are the risks of using that language? If not,...
what is the best language to use?
A signature-based intrusion detection system is actually quite simple in functionality. The IDS maintains a database of signatures, which correspond to known attacks. The tool then monitors all network traffic, looking for anything that matches those signatures. The true art of intrusion detection lies in creating, maintaining and tuning the signature database over time.
There's no reason that you couldn't implement that functionality in any higher-level programming language, Java included. However, the added overhead inherent in executing platform-independent Java code probably makes it a poor choice for an IDS. You're probably better off with a compiled language.
That said, consider what you're hoping to accomplish by creating your own intrusion detection system. Maintaining the signature database is a difficult task, and you're probably better off going with one of the many quality commercial or open-source systems already available on the market.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
Vulnerability scanning tools are necessary to be fully compliant with PCI DSS, but the tools need to come from a PCI DSS Approved Scanning Vendor. ...continue reading
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you...continue reading
The FFIEC Cybersecurity Assessment Tool has faced harsh criticism since its 2015 release. Expert Mike Chapple reviews the tool and how it can be ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.