An Intrusion-Detection Model

@article{Denning1986AnIM,
  title={An Intrusion-Detection Model},
  author={Dorothy E. Denning},
  journal={1986 IEEE Symposium on Security and Privacy},
  year={1986},
  pages={118-118},
  url={https://api.semanticscholar.org/CorpusID:10028835}
}
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that
View on IEEE
faculty.nps.edu
3,828 Citations
Highly Influential Citations
157
Background Citations
1,560
Methods Citations
792
Results Citations
11

Figures from this paper

3,828 Citations

Knowledge-based intrusion detection

The authors claim that integrating the two approaches in IDES provides for a comprehensive system for detecting intrusions as they occur.

Real-time intrusion detection

    T. Lunt
    Computer Science
    Digest of Papers. COMPCON Spring 89. Thirty…
  • 1989
It is shown that because IDES combines a statistical user profile approach with a rule-based expert system that characterizes intrusions, it has the potential to become a strong intrusion-detection system.

A pattern-oriented intrusion-detection model and its applications

    S. ShiehV. Gligor
    Computer Science
    Proceedings. 1991 IEEE Computer Society Symposium…
  • 1991
The authors justify the need for, and present, a pattern-oriented intrusion-detection model that can be used to analyze object privilege and data flows in secure computer systems to detect operational security problems.

Hybrid Model for Computer Intrusion Detection

An intrusion detection method that combines rule induction analysis for misuse detection and Fuzzy c-means for anomaly detection is proposed that is an accurate model for handle complex attack patterns in large networks.

On a Pattern-Oriented Model for Intrusion Detection

A model that tracks both data and privilege flows within secure systems to detect context-dependent intrusions caused by operational security problems is presented and it is expected that this model will complement, not replace, statistical models for intrusion detection.

A SURVEY on "INTRUSION DETECTION SYSTEM"

This paper builds a security domain based on the login and log-out mechanism, then a lamination distributed intrusion detection model of satellite network is proposed and a cooperation mechanism of intrusion detecting agent on satellite working inside and between the security domains is designed.

An Intrusion Detection Architecture for System Security

A new software architecture for intrusion detection is presented which makes use of a combination of data analysis and classification technologies including: artificial neural network, unconstrainted optimization, noise reduction, clusters recognition and high-dimensional data visualization.

A multi-layer model for anomaly intrusion detection using program sequences of system calls

A multi-layer model of program behaviours based on both hidden Markov models and enumerating methods for anomaly intrusion detection, which differs from the conventional single layer approach is built.

A Comparative Analysis of Current Intrusion Detection Technologies

An analysis of the progress being made in the development of effective intrusion detection systems for computer systems and distributed computer networks and the results of an informal survey of security and network professionals are discussed.

On a Difficulty of Intrusion Detection.

This paper discusses the “base-rate fallacy” and how it influences the relative success of an intrusion detection system, under a set of reasonable circumstances, and concludes that the false-alarm rate quickly becomes a limiting factor.
...

3 References