Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Intrusion Detection Systems



Rebecca Bace, Peter Mell


[Superseded by NIST SP 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS),] Intrusion detection systems (IDSs) are software or hardware systems that automate the process of monitoring the events occurring in a computer system or network, analyzing them for signs of security problems. As network attacks have increased in number and severity over the past few years, intrusion detection systems have become a necessary addition to the security infrastructure of most organizations. This guidance document is intended as a primer in intrusion detection , developed for those who need to understand what security goals intrusion detection mechanisms serve, how to select and configure intrusion detection systems for their specific system and network environments, how to manage the output of intrusion detection systems, and how integrate intrusion detection functions with the rest of the organizational security infrastructure.
Special Publication (NIST SP) - 800-31
Report Number


computer attacks, computer security, intrusion detection, network security


Bace, R. and Mell, P. (2001), Intrusion Detection Systems, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD (Accessed May 18, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created October 31, 2001, Updated October 12, 2021