A Comprehensive Study on Classification of Passive Intrusion and Extrusion Detection System

MJ Lekha, G Padmavathi, DC Wyld - ICCSEA, SPPR, CSIA, WimoA-2013, 2013 - csitcp.com
Abstract
Cyber criminals compromise the Integrity, Availability and Confidentiality of network resources in cyberspace and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system attacks. To handle these intrusions, Cyber Security uses three audit and monitoring systems, namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). An Intrusion Detection System (IDS) monitors only inbound traffic, which is insufficient to prevent botnet systems. A system that monitors outbound traffic is called an Extrusion Detection System (EDS). Therefore, a hybrid system should be designed to handle both inbound and outbound traffic.
Due to the increased false alarms, preventive systems do not suit an organizational network. The goal of this paper is to devise a taxonomy for cyber security and to study the existing methods of Intrusion and Extrusion Detection systems based on three primary characteristics. The metrics used to evaluate IDS and EDS are also presented.