TY - JOUR
T1 - Towards a taxonomy of intrusion-detection systems
AU - Debar, Hervé
AU - Dacier, Marc
AU - Wespi, Andreas
N1 - Generated from Scopus record by KAUST IRTS on 2022-09-12
PY - 1999/4/23
Y1 - 1999/4/23
N2 - Intrusion-detection systems aim at detecting attacks against computer systems and networks, or against information systems in general, as it is difficult to provide provably secure information systems and maintain them in such a secure state for their entire lifetime and for every utilization. Sometimes, legacy or operational constraints do not even allow a fully secure information system to be realized at all. Therefore, the task of intrusion-detection systems is to monitor the usage of such systems and to detect the apparition of insecure states. They detect attempts and active misuse by legitimate users of the information systems or external parties to abuse their privileges or exploit security vulnerabilities. In this paper, we introduce a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This taxonomy defines families of intrusion-detection systems according to their properties. It is illustrated by numerous examples from past and current projects.
AB - Intrusion-detection systems aim at detecting attacks against computer systems and networks, or against information systems in general, as it is difficult to provide provably secure information systems and maintain them in such a secure state for their entire lifetime and for every utilization. Sometimes, legacy or operational constraints do not even allow a fully secure information system to be realized at all. Therefore, the task of intrusion-detection systems is to monitor the usage of such systems and to detect the apparition of insecure states. They detect attempts and active misuse by legitimate users of the information systems or external parties to abuse their privileges or exploit security vulnerabilities. In this paper, we introduce a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This taxonomy defines families of intrusion-detection systems according to their properties. It is illustrated by numerous examples from past and current projects.
UR - https://linkinghub.elsevier.com/retrieve/pii/S1389128698000176
UR - http://www.scopus.com/inward/record.url?scp=0033293396&partnerID=8YFLogxK
U2 - 10.1016/S1389-1286(98)00017-6
DO - 10.1016/S1389-1286(98)00017-6
M3 - Article
SN - 1389-1286
VL - 31
SP - 805
EP - 822
JO - Computer Networks
JF - Computer Networks
IS - 8
ER -