A Comparative Analysis of Current Intrusion Detection Technologies

Intrusion detection is a significant focus of research in the security of computer systems and networks. This paper presents an analysis of the progress being made in the development of effective intrusion detection systems for computer systems and distributed computer networks. The technologies which are discussed are designed to detect instances of the access of computer systems by unauthorized individuals and the misuse of system resources by authorized system users. A review of the foundations of intrusion detection systems and the methodologies which are the focus of current development efforts are discussed. The results of an informal survey of security and network professionals is discussed to offer a real-world view of intrusion detection. Finally, a discussion of the future technologies and methodologies which promise to enhance the ability of computer systems to detect intrusions is provided.