A new two‐tiered strategy to intrusion detection
Information Management & Computer Security
ISSN: 0968-5227
Article publication date: 1 February 2004
Abstract
Researchers have used many techniques in designing intrusion detection systems (IDS) and yet we still do not have an effective IDS. The interest in this work is to combine techniques of data mining and expert systems in designing an effective anomaly‐based IDS. Combining methods may give better coverage, and make the detection more effective. The idea is to mine system audit data for consistent and useful patterns of user behaviour, and then keep these normal behaviours in profiles. An expert system is used as the detection system that recognizes anomalies and raises an alarm. The evaluation of the intrusion detection system design was carried out to justify the importance of the work.
Keywords
Citation
Sodiya, A.S., Longe, H.O.D. and Akinwale, A.T. (2004), "A new two‐tiered strategy to intrusion detection", Information Management & Computer Security, Vol. 12 No. 1, pp. 27-44. https://doi.org/10.1108/09685220410518810
Publisher
:Emerald Group Publishing Limited
Copyright © 2004, Emerald Group Publishing Limited