An overview of Intrusion Detection within an Information System: The Improvment by Process Mining

Information Systems handle big amount of data within enterprises by offering the possibility to collect, treat, keep and make information avail- able. To realize these tasks, it is important to secure data from intrusions that can affect confidentiality, availability and integrity of information. Un- fortunately, with the time, technologies are more used and various types of attacks act on it to create intrusion or misuses within Information Systems. Research in intrusion detection field is still looking for solutions of such relevant problems. The purpose of this paper is to present an overview of existing intrusion detection techniques compared to a new issue based on process mining used for event logs analysis to detect abnormal events that occurs on the system. events are classified accordingly to security policy etablished with fuzzy logic to build a set of fuzzy rules, for the definition of normal and abnormal events and then reduce the high level of false alerts.