A computer system intrusion is seen as any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.^1 The introduction of networks and the Internet caused great concern about the protection of sensitive information and has resulted in many computer security research efforts during the past few years. Although preventative techniques such as access control and authentication attempt to keep intruders out, these can fail, and intrusion detection has been introduced as a second line of defence. Intrusion detection systems (IDS) are implemented to detect an intrusion as it occurs, and to execute countermeasures when one is detected. Usually, a security administrator has difficulty in selecting an IDS approach for his unique set-up. In this report, different approaches to intrusion detection systems are compared to supply a norm for the best-fit system. The results would assist in the selection of a single appropriate intrusion detection system, or a combination of approaches, that best fits any unique computer system.
[1] W. Caelli, et al. Information Security Handbook, 1991.
[2] Dorothy E. Denning, et al. An Intrusion-Detection Model, 1987, IEEE Transactions on Software Engineering.
[3] G. T. Gangemi, et al. Computer Security Basics, 2006.
[4] Philip K. Chan, et al. Learning Patterns from Unix Process Execution Traces for Intrusion Detection, 1997.
[5] Terran Lane, et al. An Application of Machine Learning to Anomaly Detection, 1999.
[6] Stephanie Forrest, et al. A sense of self for Unix processes, 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.
[7] Harold Joseph Highland, et al. The 17th NSCS abstract: Artificial Intelligence and Intrusion Detection: Current and Future Directions: Jeremy Frank, University of California, Davis, CA, 1995.
[8] Aurobindo Sundaram, et al. An introduction to intrusion detection, 1996, CROS.