Intrusion detection systems (IDS) are usually deployed along with other
preventive security mechanisms as a second line of defense that protects
information systems. Even if preventive security mechanisms can protect
information systems successfully, it is still desirable to know what
intrusions have happened or are happening, so that the users can
understand the security threats and risks and thus be better prepared
for future attacks. This book unites three research contributions
detailing new approaches that are superior to existing centralized or
hierarchical approaches.