Novel intrusion prevention and detection methods

Abstract

Analysis of contemporary information security systems (ISS) and especially the case of intrusion detection systems (IDS) shows us few character negative features and drawbacks. Original methods and combined anomaly and signature IDS applications are presented in the paper. Human-centered methods INCONSISTENCY, FUNNEL, CALEIDOSCOPE and CROSSWORD interact on a competitive principle and are controlled by a synthetic metamethod SMM. A research is going on for the possibilities of including other machine learning and data mining methods under the general control of SMM. Their applications aim at computational discovery and knowledge acquisition. It is reinforced by identification and resolution of contradictions, self-learning and other methods for analysis of different types of models from the ISS domain. The complexity of application results is considered. The data analysis in the field frequently needs an act of creation especially if it is applied in a knowledge-poor environment. It is shown that even in this case the creative processes are based on applications of clear and well-formalized methods.