Abstract
Traditional computer security has often emphasized prevention, and to a lesser degree, the detection of system security violations. However, it is recognized that the forensic aspect to the overall model of computer security is equally as important. The area of computer forensics lends itself heavily to the response of a criminal violation that has already occurred ono a system. This paper views a forensic application within the framework of Intrusion Detection and details work accomplished on a prototype anomaly Intrusion Detection system.
