An Intrusion Detection Architecture for System Security

Intrusion detection aims to detect security violations from abnormal pattern of system usage. It is required that user activities be monitored by the system and that monitoring information be analysed to recognize behavior pattern of users. While basic monitoring capability is supported by most computer systems, analysis of monitoring data remains a problem of active research in system security. This paper presents a new software architecture for intrusion detection which makes use of a combination of data analysis and classification technologies including: artificial neural network, unconstrainted optimization, noise reduction, clusters recognition and high-dimensional data visualization. By carefully combining different data processing techniques, our scheme makes full use of their respective merits to solve the intrusion detection problem.