Bounty: 100
I know this is kind of an odd question. An IDS/IPS basically autonomously recognizes and optionally prevents intrusions.
And while SELinux and AppArmor seem to be trying to do the same, they are never labelled as an IDS/IPS. Am I missing something? This is a purely academic question.
Would such tool be considered Host Based IDS/IPS?