Journal of Theoretical and Applied Information Technology
The design and implementation of Intrusion Detection Systems (IDS) remain an important area of research in the field of security of information systems. Despite the undeniable progress, much remains to be done to improve the security of computer networks today. For this, many mechanisms have been developed. In general, these systems are vulnerable to attack from unauthorized users (external attacks) as well as attacks by authorized users (internal attacks) who abuse the privileges granted to them. In this paper, the authors' contribution consists of the design of an intrusion detection system based on security policy at three levels. This approach, very interesting even for complex information systems, allows administrators of information systems and responsible of network security, the protection from external attacks and internal attacks.