Intrusion detection: approach and performance issues of the SECURENET system*
Author
Michel Denault,Dimitris Gritzalis,Dimitris Karagiannis,Paul Spirakis
Abstract
The first aim of this paper is to provide a comparison between the generic
characteristics of the detection-by-appearance and the detection-by-behavior
models for malicious software intrusion detection, and thus to discuss the
efficiency of intrusion detection systems based on AI technologies. We introduce
the SECURENET system, an experimental intrusion detection intelligent system,
which incorporates the use of expert systems, neural networks, and intent
specification languages. The second goal is to present the basis of a reaction-
time delay analysis for SECURNET in a typical WAN environment. Together with the
proportion of attacks detected, reaction time is one of the main efficiency
criteria of an intrusion detection system.
Address
New York, NY 10010
Institution
Elsevier Science LTtd
Journal
Computers & Security
Publication Date
0000-00-00
Keywords
intrusion detection, malicious software, SECURENET system, Intent specification,languages, expert systems, Neural networks
Location
A hard-copy of this is in the Papers Cabinet