The NIDES Statistical Component Description and Justification

Preface

SRI International has prepared this document as a full and complete disclosure of the Next-Generation Intrusion-Detection Expert System (NIDES) [3] statistical algorithm, including how it works, what decisions influenced the form of the algorithm, and the rationale behind those decisions. We have divided this document into four sections:

• Chapter 1 is a description of the NIDES statistical algorithm. It describes what the algorithm is and how it functions.

• Chapter 2 is a broad justification for the NIDES statistical algorithm. This section also includes a comparison to other statistical approaches to intrusion detection.

• Chapter 3 is a set of statistical criteria that can be used to evaluate the appropriateness of any statistical approach to intrusion detection. Although we did not formally use these criteria in the development of the NIDES statistical algorithm, they nevertheless had an important influence on the development of the algorithm. They may also be used to evaluate the suggestions of other statistical algorithm developers.

• Chapter 4 is a set of specific questions and answers that can be posed about the NIDES statistical algorithm. In this section we explore in more depth the specific choices we made in developing the NIDES statistical algorithm. We have found it convenient to use the question-and-answer format to address the relationship of the NIDES statistical algorithm to the work of Helman et al.