An overview of IDS using anomaly detection

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems. The problem of intrusion detection can be solved using anomaly detection techniques. For instance, one is given a set of connection data belonging to different classes (normal activity, different attacks) and the aim is to construct a classifier that accurately classifies new unlabeled connections data. Clustering methods can be used to detect anomaly in data which might implies intrusion of a new type. This chapter gives a critical summary of anomaly detection research for intrusion detection. This chapter surveys a list of research projects that apply anomaly detection techniques to intrusion detection. Finally some directions for research are given.

Original languageEnglish
Title of host publicationCyber Warfare and Cyber Terrorism
PublisherIGI Global
Pages327-337
Number of pages11
ISBN (Print)9781591409915
DOIs
StatePublished - 1 Dec 2007

ASJC Scopus subject areas

  • General Computer Science

Fingerprint

Dive into the research topics of 'An overview of IDS using anomaly detection'. Together they form a unique fingerprint.

Cite this