Answer:
Stateful protocol analysis detection.
Explanation:
IDS and IPS are acronym for intrusion detection system and intrusion prevention system respectively. IDS is a security system which monitors the network traffic and notifies the engineer when there's a malicious activity. IPS is a security system which monitors the network traffic and blocks malicious activity as well as keeping logs.
Generally, the detection methods used by the Intrusion Prevention Systems (IPS) are;
1. Statistical anomaly-based detection.
2. Signature-based detection.
3. Stateful protocol analysis detection.
Stateful protocol analysis detection is an IDS/IPS detection method that uses previously gained connection attributes to match traffic against predetermined profiles.
Basically, these predetermined profiles comprises of benign activities and suspicious activities that have been developed by industry leaders and vendors as abnormal systems or network behaviors.
