{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:01:33Z","timestamp":1754157693475,"version":"3.41.2"},"reference-count":12,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[2005,7,1]],"date-time":"2005-07-01T00:00:00Z","timestamp":1120176000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005,7,1]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>A work that combined strategies in designing anomaly\u2010based instruction detection system (IDS) was described in CSIDS. This new work seeks to improve on CSIDS.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>The shortcomings of CSIDS were first identified and critically analysed. An improved approach for combining data mining and expert system is then presented and implemented.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>The result of the evaluation of the new design produced a better result in terms of the detection efficiency and false alarm rate.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Research limitations\/implications<\/jats:title><jats:p>It might be necessary to use data from diverse environments to test the design. However, it was effectively shown that an IDS that combines strategies has been designed.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Practical implications<\/jats:title><jats:p>This work discusses the technical issues of IDS and will motivate researchers in IDS. It has also shown how strategies could be combined for effective intrusion detection.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>This paper resulted from the existing problems in IDS and presents practical information in intrusion detection. It is definitely a tool needed by researchers in IDS.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685220510602040","type":"journal-article","created":{"date-parts":[[2005,6,22]],"date-time":"2005-06-22T02:12:51Z","timestamp":1119406371000},"page":"235-243","source":"Crossref","is-referenced-by-count":0,"title":["An improved two\u2010tiered strategy to intrusion detection"],"prefix":"10.1108","volume":"13","author":[{"given":"A.S.","family":"Sodiya","sequence":"first","affiliation":[]},{"given":"H.O.D.","family":"Longe","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022020420481299200_b1","doi-asserted-by":"crossref","unstructured":"Bass, T. (2000), \u201cIntrusion detection systems and multi\u2010sensor data fusion\u201d, Communications of the ACM, Vol. 43 No. 4, pp. 99\u2010105.","DOI":"10.1145\/332051.332079"},{"key":"key2022020420481299200_b2","unstructured":"Debar, H., Becker, M. and Siboni, D. (1992), \u201cA neural network component for an intrusion detection system\u201d, Proceedings of the IEEE Symposium on Research in Computer Security and Privacy, Oakland, CA, May, pp. 240\u201050."},{"key":"key2022020420481299200_b3","unstructured":"Fawcett, T. and Foster, P. (1997), \u201cCombining data mining and machine learning for effective user profiling\u201d, Proceedings of the 3rd International Conference on Knowledge Discovery and Data Missing (KDD \u2013 97), Newport Beach, CA, 14\u201017 August."},{"key":"key2022020420481299200_b4","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S.A., Somayaji, A. and Longstaff, T.A. (1996), \u201cA sense of self for Unix processes\u201d, Proceedinges of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, pp. 120, 128.","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"key2022020420481299200_b5","unstructured":"Javitz, H.S. and Valdes, A. (1999), \u201cThe NIDES statistical component: description and justification\u201d, Technical Report, SRI Computer Science Laboratory, Menlo Park (CA, March 1994), available at: www.sdl.sri.com\/nides\/index5.html."},{"key":"key2022020420481299200_b6","unstructured":"Lane, T. and Brodley, C. (1997), \u201cAn application of machine learning to anomaly detection\u201d, Proceedings of the 20th National Information Systems Security Conference, Baltimore, MD, pp. 366\u201077."},{"key":"key2022020420481299200_b7","unstructured":"Lee, W., Stolfo, S.J., Chan, P.K., Wofan, E.E., Miller, M., Hershkop, S. and Zhang, J. (2001), \u201cReal\u2010time data\u2010mining\u2010based intrusion detection\u201d, Columbia University, New York, NY, available at: www.cs.columbia.edu\/ids.2001."},{"key":"key2022020420481299200_b8","unstructured":"Lundin, E. and Jonsson, E. (2002), \u201cSurvey of intrusion detection research\u201d, Technical Report, No. 02\u201004, Department of Computer Engineering, Chalmers University of Technology, G\u00f6teborg."},{"key":"key2022020420481299200_b9","unstructured":"Martino, S. (1999), A Mobile Agent Approach for Intrusion Detection, Joint Research Centre\u2010Institute for Systems, Informatics and Safety, Ispra."},{"key":"key2022020420481299200_b10","doi-asserted-by":"crossref","unstructured":"Noel, S., Wijesekera, D. and Youman, C. (2002), \u201cModern intrusion detection, data mining, and degrees of attack guilt\u201d, Applications of Data Mining in Computer Security, Kluwer, Dordrecht.","DOI":"10.1007\/978-1-4615-0953-0_1"},{"key":"key2022020420481299200_b11","doi-asserted-by":"crossref","unstructured":"Sodiya, A.S., Longe, H.O.D. and Akinwale, A.T. (2004), \u201cA new two\u2010tiered strategy to intrusion detection\u201d, Information Management & Computer Security, Vol. 12 No. 1, pp. 27\u201044.","DOI":"10.1108\/09685220410518810"},{"key":"key2022020420481299200_b12","doi-asserted-by":"crossref","unstructured":"Valdes, A. and Skinner, K. (2001), \u201cProbabilistic alert correlation\u201d, Recent Advances in Intrusion Detection (RAID 2001), Springer\u2010Verlag, Davis, CA.","DOI":"10.1007\/3-540-45474-8_4"}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685220510602040","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220510602040\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220510602040\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:08:54Z","timestamp":1753402134000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/13\/3\/235-243\/183412"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,7,1]]},"references-count":12,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2005,7,1]]}},"alternative-id":["10.1108\/09685220510602040"],"URL":"https:\/\/doi.org\/10.1108\/09685220510602040","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2005,7,1]]}}}