What is the basic difference between an Antivirus and Hips Hids?
As far as I know, HIDS stands for ‘host-based intrusion detection system.’ It refers to an application that assists in monitoring any network’s suspicious activity, including misuse of resources, interference of external actors, etc.
But when we talk about HIPS cyber security, HIPS comes into the picture. HIPS, or Host Intrusion Prevention System, refers to a technology that offers computer security from any virus from unidentified resources. It includes runtime behavior analysis and pre-execution behavior analysis.
The ‘D’ refers to detection, meaning the protection system can detect and alert various security events. On the other hand, ‘P’ refers to prevention. It means blocking any suspected malicious event.
An antivirus is used to block any suspicious event actively. That is why it is often considered similar to HIPS and HIDS.
Even though Wikipedia states that it is hard to find the difference between an Antivirus, HIPS, and HIDS, it is not right. An antivirus can block any malicious activity. However, the HIPS solution can track possible changes happening on file systems, analyze the log files, check the components present in the system to search for any irregular activity and detect malware.
So, the answer is an Antivirus can only detect and block access to malicious files. That is why it is a part of the HIPS solution. But HIPS, on the other hand, has a broad purpose.
