Abstract
In general, intrusion detection systems are accurate and convenient instruments for securing computer and network resources. However, one of the great unsolved problems in deploying such systems in real-life environments is their low efficiency, especially when applying the host-based attack identification paradigm. This paper presents a new approach to overcoming the efficiency problem: HEIDI (High-Efficient Intrusion Detection Infrastructure). In this approach, flexible and efficiency-oriented modules and mechanisms are combined to obtain a distributed intrusion detection scheme.