Intrusion detection system based on system behavior

This work aims to designing and implementing own intrusion detection system based on system behavior. The main component of this system used in analysis and later in implementation is widely used against defending to another type of crime. Presumption that some techniques are well working against particular type of computer criminality leads to using those techniques against another type of computer criminality. An intrusion detection systems based on system behavior in general evaluates the behavior of observed system. Therefore the level of system observation is very important. We propose intrusion detection system that works at low level system observation. This is important because of many malicious codes nowadays mask their behavior and therefore is difficult to expose those malicious codes from user perspective. Proposed intrusion detection system aims to be modular because of achieving further development and also as simple as possible because of better user understanding. The interconnection of existing technologies and solutions and developing new one result to complex intrusion detection system.