Approaches and Data Processing Techniques for Intrusion Detection Systems
Source: Andhra University
The process of monitoring the events occurring in a computer system or network and analyzing them for signs of intrusion is the function of Intrusion Detection Systems (IDS). This paper gives a brief overview of types of attacks, IDS components, and classifications of IDS. Two approaches from the classification of IDS are also presented: anomaly-based detection and misuse-based detection. The anomaly-based detection approach is an extremely powerful and novel tool that treats anomalies as deviations from "normal" behavior and automatically detects any such deviation. The misuse-based detection approach explicitly defines the attack behavior and classifies all events matching these specifications as attacks. Data processing techniques for intrusion detection systems are also presented.