A prototype real-time intrusion-detection expert system
暂无分享,去创建一个
The design and implementation of a prototype intrusion-detection expert system (IDES) are described. IDES is based on the concept that an intrusion manifests itself as a departure from expected behavior for a user. The prototype monitors users on a remote system, using audit records that characterize their activities. It adaptively learns the normal behavior of each user and detects and reports anomalous user behavior in real time.<<ETX>>
[1] D. E. Denning,et al. Analytical Techniques Development for a Statistical Intrusion Detection System (sids) Based on Accounting Records. Technical Report, 3.8 Clyde Digital Systems' Audit , 2007 .
[2] Dorothy E. Denning,et al. An Intrusion-Detection Model , 1986, 1986 IEEE Symposium on Security and Privacy.
[3] Richard R. Linde,et al. Operating system penetration , 1975, AFIPS '75.