ABSTRACT
Risk management is the essence of information security. The most desirable approach is to avoid risk altogether, or prevent the associated threats from occurring. Preventive measures are important, but they sometimes fail to prevent security incidents. To account for this, it is important for organizations to be able to identify and respond to violations of their security policy. A complete risk mitigation strategy must include detective and corrective measures to supplement preventive measures. This chapter examines an artificial intelligence technique for detecting intrusions.
