An Overview of IDS Using Anomaly Detection

An Overview of IDS Using Anomaly Detection

Lior Rokach (Ben-Gurion University of the Negev, Israel) and Yuval Elovici (Ben-Gurion University of the Negev, Israel)
Copyright: © 2007 |Pages: 11
DOI: 10.4018/978-1-59140-991-5.ch038
OnDemand PDF Download:
No Current Special Offers


Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems. The problem of intrusion detection can be solved using anomaly detection techniques. For instance, one is given a set of connection data belonging to different classes (normal activity, different attacks) and the aim is to construct a classifier that accurately classifies new unlabeled connections data. Clustering methods can be used to detect anomaly in data which might implies intrusion of a new type. This chapter gives a critical summary of anomaly detection research for intrusion detection. This chapter surveys a list of research projects that apply anomaly detection techniques to intrusion detection. Finally some directions for research are given.

Complete Chapter List

Search this Book: