A.V. Agafonov, A.N. Savinykh
One of the relevant tasks for information systems with high availability (ISHA) is their protection from different kinds of computer intrusions.
Despite intensive research into methods and means of providing ISHA information security, the difficulty of the task and the rapid development of information technologies greatly hamper the creation of universal solutions.
Intrusion detection systems (IDS) are now being researched and developed that are based on the analysis of databases using different classes of Data Mining methods, including methods for discovering patterns and logical relations between variables in large computer system audit databases.
The article analyses modern models of logical relations in databases, gives their classification, and describes the application of conjunctive-disjunctive logical rules for detecting intrusions into computer networks, based on local area network and Internet TCP-traffic audit record data.