A comparison of Intrusion Detection Systems

Cited by: 137
Authors
Biermann, E [1]
Cloete, E [1]
Venter, LM [1]
Affiliations
[1] Technikon PTA, Dept Comp Technol, Pretoria, South Africa
Keywords
intrusion detection systems; security; anomaly detection; misuse detection; security models;
DOI
10.1016/S0167-4048(01)00806-9
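Chinese Library Classification number
TP [Automation technology, computer technology];
Subject classification code
0812 [Computer science and technology];
Abstract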
A computer system intrusion is seen as any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.(1) The introduction of networks and the Internet caused great concern about the protection of sensitive information and has resulted in many computer security research efforts during the past few years. Although preventative techniques such as access control and authentication attempt to prevent intruders, these can fail, and as a second line of defence, intrusion detection has been introduced. Intrusion detection systems (IDS) are implemented to detect an intrusion as it occurs, and to execute countermeasures when detected. Usually, a security administrator has difficulty in selecting an IDS approach for his unique set-up. In this report, different approaches to intrusion detection systems are compared, to supply a norm for the best-fit system. The results would assist in the selection of a single appropriate intrusion detection system or in combining approaches that best fit any unique computer system.
Pages: 676-683
Page count: 8
Related papers
11 in total
[1] ANDERSON JP, 1980, COMPUTER THREAT MONI
[2] [Anonymous], 1994, P 17 NAT COMP SEC C
[3] CAELLI W, 1994, INFORMATION SECURITY
[4] DENNING, DE. AN INTRUSION-DETECTION MODEL [J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1987, 13 (02): 222-232
[5] Forrest, S; Hofmeyr, SA; Somayaji, A; Longstaff, TA. A sense of self for unix processes [J]. 1996 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 1996: 120-128
[6] Heady R, 1990, CS9020 U NEW MEX DEP
[7] LANE T, 1997, 20 NAT INF SYST SEC
[8] Lee W, 1997, AAAI WORKSH AI APPR, P50
[9] Parker D. B., 1994, P 17 NAT COMP SEC C, P421
[10] Russel D., 1992, COMPUTER SECURITY BA