An anomaly intrusion detection system based on Intelligent user recognition

Abstract

Recently computer systems have become a critical part of network-connected system, possessing essential economic and human values to individuals and organizations. This key role of the systems has increased the requirements for their protection. They have to be more resistant against malicious activities. Intrusion detection is aimed at detecting and preventing such activities. It forms the last line of defence in the overall protection scheme of a computer system. It is useful not only in detecting successful breaches of security, but also for monitoring attempts to breach security, which provides important information for timely countermeasures. Thus, intrusion detection systems are useful even when strong preventive steps are taken to protect computer systems. In anomaly detection, computer systems compare current events with expected or predicted events. In this thesis, a typical decision problem in anomaly detection is transformed into three scenarios: what event is going to happen in the future, when, and how much danger it may cause.