A new twotiered strategy to intrusion detection

Researchers have used many techniques in designing intrusion detection systems IDS and yet we still do not have an effective IDS. The interest in this work is to combine techniques of data mining and expert systems in designing an effective anomalybased IDS. Combining methods may give better coverag...

Full description

Saved in:
Bibliographic Details
Published inInformation management & computer security Vol. 12; no. 1; pp. 27 - 44
Main Authors Sodiya, A.S., Longe, H.O.D., Akinwale, A.T.
Format Journal Article
LanguageEnglish
Published Emerald Group Publishing Limited 01.02.2004
Subjects
Computers
Data analysis
Data security
Systems analysis
Online AccessGet full text

Cover

More Information
Summary:Researchers have used many techniques in designing intrusion detection systems IDS and yet we still do not have an effective IDS. The interest in this work is to combine techniques of data mining and expert systems in designing an effective anomalybased IDS. Combining methods may give better coverage, and make the detection more effective. The idea is to mine system audit data for consistent and useful patterns of user behaviour, and then keep these normal behaviours in profiles. An expert system is used as the detection system that recognizes anomalies and raises an alarm. The evaluation of the intrusion detection system design was carried out to justify the importance of the work.
Bibliography:filenameID:0460120102
original-pdf:0460120102.pdf
istex:202D3E91036CBE6405475FDD98AE32B06645468D
href:09685220410518810.pdf
ark:/67375/4W2-38CHV6M7-8
ISSN:0968-5227
DOI:10.1108/09685220410518810