A program that monitors the characteristics of a single host and the events occurring within that host to identify and stop suspicious activity.
Sources:
NIST SP 800-128
under Host-Based Intrusion Detection and Prevention System
from
NIST SP 800-94
NIST SP 800-128
from
NIST SP 800-94