CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Misuse Detection vs. Intrusion Detection

Mikhail Atallah - CERIAS /Purdue CS Department

Oct 11, 1996


Misuse detection has a number of differences from intrusion detection, which include the facts that the violator is authorized to access the target material, and can take her time doing the misuse by, e.g., spreading it over a period of time or over a number of sessions each of which looks "normal". After reviewing some of the common approaches to misuse detection, I'll explain how the pattern matching approach works, the special problems associated with using it for misuse detection, and possible ways of coping with these difficulties.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.