Intrusion-detection systems aim at detecting attacks against computer systems and networks. As it is difficult to provide provably secure information systems, intrusion-detection systems have the task of monitoring the usage of such systems. They detect attempts by users of the information systems or external parties to abuse their privileges or exploit security flaws. In this paper, we introduce a taxonomy that highlights the various aspects of this area. This taxonomy divides families of intrusion-detection systems according to their properties. It is illustrated by numerous examples from past and current projects.
By: Herve' Debar, Marc Dacier and Andreas Wespi
Published in: Computer Networks, volume 31, (no ), pages 805-22 in 1999
Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.
Questions about this service can be mailed to reports@us.ibm.com .