What are the definition and classification of IPS?
The definition of IPS: it is a kind of security technology which is defined by ICSA (the international computer security association), through the computer network or several key points of computer system to collect information and analysis it, to discover whether there are illegal security strategy behaviors and signs of being attacked in the network or system and at the same time make response.
The invaded behaviors include: malicious software such as worms and viruses and advertising software, etc., the without authorization access from the Internet, internal user security violations.
The classification of IPS: detection method classification, anomaly detection and misuse detection (features)
The classification of testing data sources, HIPS/NIPS