Intrusion Detection Systems Basics
Peng Ning, North Carolina State University
Sushil Jajodia, George Mason University
Machine Learning and Data Mining Techniques
Computer Immunological Approaches
Information-Theoretic Measures
Limitation of Anomaly Detection
State Transition Analysis Toolkit
Automatically Built Misuse Detection Models
Abstraction-Based Intrusion Detection
Limitation of Misuse Detection
Intrusion Detection in Distributed Systems
Distributed Intrusion Detection Systems
Network-Based Intrusion Detection Systems
Sharing Information Among Intrusion Detection Systems
Intrusion Alert Correlation Based on Prerequisites and Consequences of Attacks
INTRODUCTION
Intuitively, intrusions in an information system are the activities that violate the security policy of the system, and intrusion detection is the process used to identify intrusions. Intrusion detection has been studied for more than 20 years since Anderson's report (Anderson, 1980). It is based on the beliefs that an intruder's behavior will be noticeably different from that of a legitimate user and that many unauthorized actions will be detectable.
Intrusion detection systems (IDSs) are usually deployed along with other preventive security mechanisms, such as access control and authentication, as a second ...
Get Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3 now with the O’Reilly learning platform.