Research in intrusion detection systems (IDS) is mainly restricted to the misuse and anomaly detection dichotomy, and therefore to their limitations. Web attack detectors are a case in point, where ones that perform misuse detection are prone to miss novel attacks, whilst those performing anomaly detection produce impractical amounts of daily false alerts. Detectors inspired from the workings of the human immune system (HIS) have proposed new effective detection approaches, however without tackling the issue of novel attack resilience separately from anomaly detection.peer-reviewe
