IDES: a progress report (Intrusion-Detection Expert System)
54 Citations•1990•
T. Lunt, A. Tamaru, F. Gilham
[1990] Proceedings of the Sixth Annual Computer Security Applications Conference
No TL;DR found
Abstract
Describes a real-time intrusion-detection expert system (IDES), that observes user behavior on a monitored computer system and adaptively learns what is normal for individual users, groups, remote hosts, and the overall system behavior. Observed behavior is flagged as a potential intrusion if it deviates significantly from the expected behavior or if it triggers a rule in the expert-system rule base.<<ETX>>