• DocumentCode
    2085942
  • Title

    Knowledge-based intrusion detection

  • Author

    Lunt, Teresa F. ; Jagannathan, R. ; Lee, Rosanna ; Whitehurst, Alan ; Listgarten, Sherry

  • Author_Institution
    SRI Int., Menlo Park, CA, USA
  • fYear
    1989
  • fDate
    27-31 Mar 1989
  • Firstpage
    102
  • Lastpage
    107
  • Abstract
    The authors describe the expert-system aspects of IDES (intrusion-detection expert system), a system for computer intrusion detection. IDES uses two distinct approaches to detect anomalies (which could signify intrusions) in a computer system, namely, statistical and rule-based anomaly detection. In the statistical approach, recent behavior of a subject of a computer system is compared with observed behavior and any significant deviation is considered anomalous. In the rule-based approach, acceptable behaviour of a subject is captured by a set of rules which is used to identify anomalous observed behavior. The authors claim that integrating the two approaches in IDES provides for a comprehensive system for detecting intrusions as they occur.
  • Keywords
    auditing; expert systems; safety systems; security of data; acceptable behaviour; audit data processing; automated audit trail analysis; computer intrusion detection; computer security; intrusion-detection expert system; observed behavior; rule-based anomaly detection; statistical anomaly detection; statistical intrusion detection; Access control; Computer science; Computer security; Data analysis; Data security; Expert systems; Intrusion detection; Laboratories; Pattern analysis; Real time systems;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    AI Systems in Government Conference, 1989.,Proceedings of the Annual
  • Conference_Location
    Washington, DC
  • Print_ISBN
    0-8186-1934-1
  • Type

    conf

  • DOI
    10.1109/AISIG.1989.47311
  • Filename
    47311