research-article

An Intrusion-Detection Model

Author:

Dorothy E. DenningAuthors Info & Claims

IEEE Transactions on Software Engineering, Volume 13, Issue 2

Pages 222 - 232

https://doi.org/10.1109/TSE.1987.232894

Published: 01 February 1987 Publication History

Publisher Site

Abstract

A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.

Cited By

View all

Benhabbour IDacier M(2025)ENDEMIC: End-to-End Network Disruptions – Examining Middleboxes, Issues, and Countermeasures – A SurveyACM Computing Surveys10.1145/371637257:7(1-42)Online publication date: 21-Feb-2025
https://dl.acm.org/doi/10.1145/3716372
Boshoff DHancke G(2025)A classifications framework for continuous biometric authentication (2018–2024)Computers and Security10.1016/j.cose.2024.104285150:COnline publication date: 1-Mar-2025
https://dl.acm.org/doi/10.1016/j.cose.2024.104285
Uetz RHerzog MHackländer LSchwarz SHenze MBalzarotti DXu W(2024)You cannot escape meProceedings of the 33rd USENIX Conference on Security Symposium10.5555/3698900.3699190(5179-5196)Online publication date: 14-Aug-2024
https://dl.acm.org/doi/10.5555/3698900.3699190
Show More Cited By

Index Terms

An Intrusion-Detection Model

Recommendations

Network intrusion detection

Intrusion detection is a new, retrofit approach for providing a sense of security in existing computers and data networks, while allowing them to operate in their current "open" mode. The goal of intrusion detection is to identify unauthorized use, ...
A Survey on Intrusion Detection and Prevention Systems
Abstract
In the digital world, malicious activities that violate the confidentiality, integrity, or availability of data and devices are known as intrusions. An intrusion detection system (IDS) analyses the activities of a single system or a network to ...
Real-time network-based anomaly intrusion detection
Real-time system security

The global internet has made computer systems world-wide vulnerable to an ever-changing array of attacks. A new approach to perform real-time network-based anomaly intrusion detection is presented in this paper. Real-time Tcptrace generates data streams ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IEEE Transactions on Software Engineering

IEEE Transactions on Software Engineering Volume 13, Issue 2

Special issue on computer security and privacy

February 1987

173 pages

ISSN:0098-5589

Editors:
Virgil D. Gilgor
Univ. of Maryland, College Park
,
David J. Bailey
Los Alamos National Laboratory, Los Alamos, CA

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 February 1987

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

506
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Benhabbour IDacier M(2025)ENDEMIC: End-to-End Network Disruptions – Examining Middleboxes, Issues, and Countermeasures – A SurveyACM Computing Surveys10.1145/371637257:7(1-42)Online publication date: 21-Feb-2025
https://dl.acm.org/doi/10.1145/3716372
Boshoff DHancke G(2025)A classifications framework for continuous biometric authentication (2018–2024)Computers and Security10.1016/j.cose.2024.104285150:COnline publication date: 1-Mar-2025
https://dl.acm.org/doi/10.1016/j.cose.2024.104285
Uetz RHerzog MHackländer LSchwarz SHenze MBalzarotti DXu W(2024)You cannot escape meProceedings of the 33rd USENIX Conference on Security Symposium10.5555/3698900.3699190(5179-5196)Online publication date: 14-Aug-2024
https://dl.acm.org/doi/10.5555/3698900.3699190
Wanjau SWambugu GOirere AMuketha G(2024)Discriminative spatial-temporal feature learning for modeling network intrusion detection systemsJournal of Computer Security10.3233/JCS-22003132:1(1-30)Online publication date: 2-Feb-2024
https://dl.acm.org/doi/10.3233/JCS-220031
Neumann PLindqvist U(2024)The Future of Misuse DetectionCommunications of the ACM10.1145/368959667:11(27-28)Online publication date: 15-Oct-2024
https://dl.acm.org/doi/10.1145/3689596
Ricks BTague PThuraisingham BNatarajan SNiu JVaidya J(2024)Utilizing Threat Partitioning for More Practical Network Anomaly DetectionProceedings of the 29th ACM Symposium on Access Control Models and Technologies10.1145/3649158.3657046(83-91)Online publication date: 24-Jun-2024
https://dl.acm.org/doi/10.1145/3649158.3657046
Zhong YWang ZShi XYang JLi K(2024)RFG-HELAD: A Robust Fine-Grained Network Traffic Anomaly Detection Model Based on Heterogeneous Ensemble LearningIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.340243919(5895-5910)Online publication date: 17-May-2024
https://dl.acm.org/doi/10.1109/TIFS.2024.3402439
Narayan KGanesula RSomasekhar TMookherji SOdelu VPrasath RReddy A(2024)Attenuating majority attack class bias using hybrid deep learning based IDS frameworkJournal of Network and Computer Applications10.1016/j.jnca.2024.103954230:COnline publication date: 18-Oct-2024
https://dl.acm.org/doi/10.1016/j.jnca.2024.103954
Benabderrahmane SHoang NValtchev PCheney JRahwan T(2024)Hack me if you canFuture Generation Computer Systems10.1016/j.future.2024.06.050160:C(926-941)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1016/j.future.2024.06.050
Shirsath VChandane MLal CConti M(2024)SYNTROPYComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110327244:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110327
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Network intrusion detection

A Survey on Intrusion Detection and Prevention Systems

Real-time network-based anomaly intrusion detection

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Share

Share this Publication link

Share on social media

Affiliations