This document discusses intrusion detection systems and provides an overview of their classification, strengths, and future directions. It introduces intrusion detection and explains that intrusions can come from inside or outside a network. It then outlines different ways systems can be intruded, such as through buffer overflows or unexpected input combinations. The document classifies intrusion detection systems as anomaly-based, signature-based, host-based, network-based, or stack-based. It highlights the reduced cost of ownership and real-time detection capabilities of network-based intrusion detection systems. Finally, it suggests the future integration of network and host-based systems for improved detection and developing schemes that detect novel attacks rather than just specific instances.