{{Short description, Type of access control
Extrusion detection or outbound intrusion detection is a branch of
intrusion detection
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collec ...
aimed at developing mechanisms to identify successful and unsuccessful attempts to use the resources of a
computer system
A computer is a machine that can be programmed to automatically carry out sequences of arithmetic or logical operations (''computation''). Modern digital electronic computers can perform generic sets of operations known as ''programs'', wh ...
to compromise other systems. Extrusion detection techniques focus primarily on the analysis of system activity and outbound traffic in order to detect malicious users,
malware
Malware (a portmanteau of ''malicious software'')Tahir, R. (2018)A study on malware and malware detection techniques . ''International Journal of Education and Management Engineering'', ''8''(2), 20. is any software intentionally designed to caus ...
or network traffic that may pose a threat to the security of neighboring systems.
While intrusion detection is mostly concerned about the identification of incoming attacks (intrusion attempts), extrusion detection systems try to prevent attacks from being launched in the first place. They implement monitoring controls at leaf nodes of the network—rather than concentrating them at choke points, e.g., routers—in order to distribute the inspection workload and to take advantage of the visibility a system has of its own state. The ultimate goal of extrusion detection is to identify attack attempts launched from an already compromised system in order to prevent them from reaching their target, hereby containing the impact of the threat.