Proceedings Article

An Intrusion-Detection Model

Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


Citations
Dissertation

A Hybrid Approach to improve the Anomaly Detection Rate Using Data Mining Techniques

Priya Bansal, +1 more

Data collection for information security system

TL;DR: A new approach to collecting useful data from the network is proposed, based on new components called observers; the approach is presented and its components are described in detail.
Dissertation

Network Intrusion Classification Employing Machine Learning: A Survey

TL;DR: This thesis gives an overview of different intrusion detection systems, a statistical comparison of classifiers (single, hybrid, and ensemble learning), and the best-performing machine learning classifiers, datasets, and feature selection processes.
Dissertation

The Extended Maurer Model: Bridging Turing-Reducibility and Measure Theory to Jointly Reason about Malware and its Detection

TL;DR: This dissertation presents a formal framework termed the extended Maurer model (EMM) and applies this framework to develop a game-theoretic model of the malware authors versus system defenders confrontation.