The article proposes classification criteria for anomaly detection methods in modern attack detection systems. The most common group of anomaly detection methods is reviewed and analyzed. It is shown that the detection methods used in modern attack detection systems are weak with respect to a formal model of the attack and that, consequently, properties such as computational complexity and correctness are difficult to evaluate rigorously.
IDS, Cluster analysis, Expert systems, Neural networks, SVM
"Klasyfikatsiia metodiv vyiavlennia anomalii v informatsiinykh systemakh" [Classification of methods of anomaly detection in information systems],
Systems of Arms and Military Equipment,