
Intrusion Detection Systems

Signature-based Intrusion Detection System
Programs that run on an individual's workstation or on a dedicated network device and monitor network traffic for predefined patterns that are suspicious in nature and may indicate that a hacker/cracker is attempting to break into a system or cause a denial-of-service attack. If any of these predefined signatures are found, the proper personnel are alerted.

Anomaly-based Intrusion Detection System
A program much like a signature-based IDS, except that instead of using a predefined signature database to determine what is suspicious activity, the anomaly-based IDS is set up and tuned for a specific network's traffic. During the tuning period the IDS creates a profile of 'normal' network traffic. After this profile is created, anything detected outside the profile is deemed a threat and is usually brought to the attention of a system administrator.
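
The two approaches side by side, as an added example (not code from this page or from any IDS product). The flow records, the signature patterns, the per-port size profile and the three-deviation threshold are all assumptions chosen for illustration; real systems profile many more features.

```python
import statistics

# Constructed signature database: alert name -> byte pattern to search for.
SIGNATURES = {"directory-traversal": b"../../", "nop-run": b"\x90" * 16}

def signature_alerts(flow):
    """Signature-based: report every predefined pattern found in the payload."""
    return [name for name, pat in SIGNATURES.items() if pat in flow["payload"]]

class AnomalyProfile:
    """Anomaly-based: learn 'normal' per-port flow sizes during tuning."""
    def __init__(self, threshold=3.0):
        self.threshold = threshold  # allowed standard deviations from the mean
        self.sizes = {}             # dst_port -> byte counts seen while tuning
        self.stats = {}             # dst_port -> (mean, stdev) after freeze()

    def tune(self, flow):
        self.sizes.setdefault(flow["dst_port"], []).append(flow["bytes"])

    def freeze(self):  # end of the tuning period: fix the profile
        for port, sizes in self.sizes.items():
            dev = statistics.pstdev(sizes) or 1.0  # avoid dividing by zero
            self.stats[port] = (statistics.mean(sizes), dev)

    def anomaly_alerts(self, flow):
        if flow["dst_port"] not in self.stats:
            return ["port-not-in-profile"]
        mean, dev = self.stats[flow["dst_port"]]
        if abs(flow["bytes"] - mean) / dev > self.threshold:
            return ["size-outside-profile"]
        return []

def make_flow(dst_port, nbytes, payload=b""):
    return {"dst_port": dst_port, "bytes": nbytes, "payload": payload}

# Constructed tuning traffic: ordinary web (80) and DNS (53) flows.
TUNING = ([make_flow(80, n) for n in (900, 1000, 1100, 950, 1050)]
          + [make_flow(53, n) for n in (60, 70, 80, 65, 75)])

def build_profile():
    profile = AnomalyProfile()
    for f in TUNING:
        profile.tune(f)
    profile.freeze()
    return profile

if __name__ == "__main__":
    p = build_profile()
    for f in (make_flow(80, 1020, b"GET /../../x"), make_flow(80, 50000)):
        print(f["dst_port"], signature_alerts(f), p.anomaly_alerts(f))
```

A normally sized request carrying a known pattern is caught only by the signature check, while an oversized or off-profile flow with no known pattern is caught only by the profile, which is why the two are often deployed together.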


Links
An example of a signature-based IDS is: Dragon
An example of an anomaly-based IDS is: StealthWatch

For more information on the different kinds of intrusion detection systems available please feel free to visit:
http://www.robertgraham.com/pubs/network-intrusion-detection.html#1.1
http://www.linuxsecurity.com/feature_stories/feature_story-143.html
http://www.zdnetindia.com/biztech/ebusiness/whitepapers/stories/79201.html