Host-Based Intrusion Detection System: Model and Design Features

  • Pyotr Zegzhda
  • Semyon Kort
Part of the Communications in Computer and Information Science book series (CCIS, volume 1)


This article reports on a model of a host-based intrusion detection system. Using a state machine model, possible mechanisms of security violations in a computer system are analyzed. Thereafter, principles are suggested for building an analysis module based on a model of dynamic monitoring of system statuses. The article concludes with a number of approaches for developing a data acquisition module for a host-based intrusion detection system.


Keywords: intrusion detection; host-based intrusion detection system; attack; API Intercept





Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Pyotr Zegzhda (1)
  • Semyon Kort (1)

  1. St. Petersburg State Polytechnical University, St. Petersburg, USSR
