Abstract of Thesis Presented to the Graduate School of the University of Florida in Partial Fulfillment of the Requirements for the Degree of Master of Science

DESIGN AND IMPLEMENTATION OF A POLICY-BASED INTRUSION DETECTION SYSTEM GENERIC INTRUSION DETECTION MODEL FOR A DISTRIBUTED NETWORK

By Akhil Narayan Karkera

December 2002

Chair: Dr. Richard E. Newman
Major Department: Computer and Information Science and Engineering

Computer networks, and the computer systems on them, are increasingly subject to attacks intended either to gain access to systems or simply to deny service to their legitimate users. Intrusion detection systems (IDS) to prevent or mitigate these attacks have been in development for the past twenty years. Earlier systems were targeted at specific types of attacks, which led to the separate development of network-based and host-based IDS. The past decade has seen these systems integrated into one, but under a single monolithic analysis component. Such systems do not scale well to a distributed setting. Furthermore, the single central analysis component is a single point of failure for the whole system.

The focus of this thesis is the design and implementation of a generic intrusion detection model (GIDEM) for a distributed network. This thesis extends and remodels the original GIDEM architecture to suit the needs of a large network of potentially thousands of hosts. Techniques to effectively manage the large number of hosts and ensure system