From Surf Wiki (app.surf) — the open knowledge base
Misuse detection
Misuse detection actively works against potential insider threats to vulnerable computer data.
Misuse
Misuse detection is an approach to detecting computer attacks. In a misuse detection approach, abnormal system behaviour is defined first, and then all other behaviour is defined as normal. It stands against the anomaly detection approach which utilizes the reverse: defining normal system behaviour first and defining all other behaviour as abnormal. With misuse detection, anything not known is normal. An example of misuse detection is the use of attack signatures in an intrusion detection system. Misuse detection has also been used more generally to refer to all kinds of computer misuse.
References
References
- Helman, Paul, Liepins, Gunar, and Richards, Wynette, "Foundations of Intrusion Detection," The [[IEEE Computer Security]] Foundations Workshop V, 1992
This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page.
Ask Mako anything about Misuse detection — get instant answers, deeper analysis, and related topics.
Research with MakoFree with your Surf account
Create a free account to save articles, ask Mako questions, and organize your research.
Sign up freeThis content may have been generated or modified by AI. CloudSurf Software LLC is not responsible for the accuracy, completeness, or reliability of AI-generated content. Always verify important information from primary sources.
Report