Revealing Method for the Intrusion Detection System (1004.4598v3)

Abstract: The goal of an Intrusion Detection is inadequate to detect errors and unusual activity on a network or on the hosts belonging to a local network by monitoring network activity. Algorithms for building detection models are broadly classified into two categories, Misuse Detection and Anomaly Detection. The proposed approach should be taken into account, as the security system violations caused by both incompliance with the security policy and attacks on the system resulting in the need to describe models. However, it is based on unified mathematical formalism which is provided for subsequent merger of the models. The above formalism in this paper presents a state machine describing the behavior of a system subject. The set of intrusion description models is used by the evaluation module and determines the likelihood of undesired actions the system is capable of detecting. The number of attacks which are not described by models determining the completeness of detection by the IDS linked to the ability of detecting security violations.