Network intrusion detection: Evaluating cluster, discriminant, and logit analysis
Information Sciences: an International Journal
Hi-index | 0.00 |
IDA (Intrsion Detection Agent system) monitors MLSIs and detects intrusions by analyzing information related to the MLSIs. We adopt discriminant analysis to detect remote attacks after IDA detects an MLSI. Discriminant analysis provides a classification function that IDA can separate intrusive activities from nonintrusive activities. In this paper, we define MLSIs in remote attacks and explain how we perform discriminant analysis to detect intrusions in detail. We also describe how to extract an sample from system logs, which is neccessary to implement discriminant analysis function to IDA.